Creating a "global" whitelist

Julian Field MailScanner at ecs.soton.ac.uk
Fri Mar 20 11:51:32 GMT 2009 


On 20/3/09 09:06, pippo at olidata.eu wrote:
> Hi,
>
> I use MailScanner since 6 monthes ago, and now I'm starting managing
> whitelists. Normally, what I need to do is let messages coming from a
> particular user pass untouched regardless the type of potential threat.
> I found out that, to achieve these, I need to modify 4 different rules:
>    
Why not just set a ruleset for "Scan Messages"? Then you only need to 
alter one place.
>
> content.scanning.rules.conf (defined as 'Dangerous Content Scanning'
> ruleset)
> spam.whitelist.rules (defined as 'Is Definitely Not Spam' ruleset)
> filename.rules (defined as 'Filename rules' ruleset)
> filetype.rules (defined as 'Filetype rules' ruleset)
>
> Just for reference the last 2 are defined as explained in MailWatch FAQ
> "Why are messages quarantined again when I release them in MailWatch?"
> (I don't use MailWatch, but this works anyway for whitelists).
>
> Adding the address to whitelist to all the above 4 files works fine, but
> it's a boring taks, expecially if, like me, you have 4 MailScanner
> servers in parallel (total of 16 files to modify). So I've 2 (or 3)
> questions:
> Is it possible to define a unique file with a list of addresses and then
> have rulesets reference this file ?
>    
Yes. In a ruleset, instead of putting in the address to match, put the 
full path to the file of the address list (or list of address patterns 
and so on) and it will apply the same rule to all the address patterns 
contained in that file.
> Does anyone ever experienced putting ruleset and maybe MailScanner
> configuration files on a NFS (shared by different MailScanner servers) ?
>    
Better to use rsync to copy the configuration files around all the 
machines you need to update.
> And what about Samba (I mean putting the files on a Windows share) ?
>    
You could put /etc/MailScanner on a Samba share, no problem. But using 
rsync to copy the config files to all the machines is a lot easier to setup.
> Few monthes ago I experienced putting the quarantine on a Samba share
> and was not working properly,
Not a good idea.
>   never tryed with configuration files (I
> fear to create service problems on a production environment).
>
> Thanks a lot to everyone.
>
> Massimo Piceni.
>    

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list