Creating a "global" whitelist
MailScanner at ecs.soton.ac.uk
Fri Mar 20 11:51:32 GMT 2009
On 20/3/09 09:06, pippo at olidata.eu wrote:
> I use MailScanner since 6 monthes ago, and now I'm starting managing
> whitelists. Normally, what I need to do is let messages coming from a
> particular user pass untouched regardless the type of potential threat.
> I found out that, to achieve these, I need to modify 4 different rules:
Why not just set a ruleset for "Scan Messages"? Then you only need to
alter one place.
> content.scanning.rules.conf (defined as 'Dangerous Content Scanning'
> spam.whitelist.rules (defined as 'Is Definitely Not Spam' ruleset)
> filename.rules (defined as 'Filename rules' ruleset)
> filetype.rules (defined as 'Filetype rules' ruleset)
> Just for reference the last 2 are defined as explained in MailWatch FAQ
> "Why are messages quarantined again when I release them in MailWatch?"
> (I don't use MailWatch, but this works anyway for whitelists).
> Adding the address to whitelist to all the above 4 files works fine, but
> it's a boring taks, expecially if, like me, you have 4 MailScanner
> servers in parallel (total of 16 files to modify). So I've 2 (or 3)
> Is it possible to define a unique file with a list of addresses and then
> have rulesets reference this file ?
Yes. In a ruleset, instead of putting in the address to match, put the
full path to the file of the address list (or list of address patterns
and so on) and it will apply the same rule to all the address patterns
contained in that file.
> Does anyone ever experienced putting ruleset and maybe MailScanner
> configuration files on a NFS (shared by different MailScanner servers) ?
Better to use rsync to copy the configuration files around all the
machines you need to update.
> And what about Samba (I mean putting the files on a Windows share) ?
You could put /etc/MailScanner on a Samba share, no problem. But using
rsync to copy the config files to all the machines is a lot easier to setup.
> Few monthes ago I experienced putting the quarantine on a Samba share
> and was not working properly,
Not a good idea.
> never tryed with configuration files (I
> fear to create service problems on a production environment).
> Thanks a lot to everyone.
> Massimo Piceni.
Julian Field MEng CITP CEng
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner?
Need help fixing or optimising your systems?
Need help getting you started solving new requirements from your boss?
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner