Creating a "global" whitelist
Scott Silva
ssilva at sgvwater.com
Fri Mar 20 21:44:33 GMT 2009
on 3-20-2009 2:06 AM pippo at olidata.eu spake the following:
> Hi,
>
> I use MailScanner since 6 monthes ago, and now I'm starting managing
> whitelists. Normally, what I need to do is let messages coming from a
> particular user pass untouched regardless the type of potential threat.
> I found out that, to achieve these, I need to modify 4 different rules:
>
> content.scanning.rules.conf (defined as 'Dangerous Content Scanning'
> ruleset)
> spam.whitelist.rules (defined as 'Is Definitely Not Spam' ruleset)
> filename.rules (defined as 'Filename rules' ruleset)
> filetype.rules (defined as 'Filetype rules' ruleset)
>
> Just for reference the last 2 are defined as explained in MailWatch FAQ
> "Why are messages quarantined again when I release them in MailWatch?"
> (I don't use MailWatch, but this works anyway for whitelists).
>
> Adding the address to whitelist to all the above 4 files works fine, but
> it's a boring taks, expecially if, like me, you have 4 MailScanner
> servers in parallel (total of 16 files to modify). So I've 2 (or 3)
> questions:
> Is it possible to define a unique file with a list of addresses and then
> have rulesets reference this file ?
> Does anyone ever experienced putting ruleset and maybe MailScanner
> configuration files on a NFS (shared by different MailScanner servers) ?
> And what about Samba (I mean putting the files on a Windows share) ?
> Few monthes ago I experienced putting the quarantine on a Samba share
> and was not working properly, never tryed with configuration files (I
> fear to create service problems on a production environment).
>
> Thanks a lot to everyone.
>
> Massimo Piceni.
It isn't easy because it is a very unsafe practice to get into. I don't
whitelist users in this manner, I only will quarantine everything and release
it after I can be sure it isn't a destructive attachment. If you have high
level people asking you to let this stuff through, just let them know that one
bad attachment will damage the entire network, not just one machine.
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090320/8a1f3704/signature.bin
More information about the MailScanner
mailing list