bypassing SpamAssassin and virus checks for ...

Fri May 21 10:37:51 IST 2010

On 20/05/2010 18:32, Robert Lopez wrote:
> This college has contracted with an organization to handle
> all emergency communications which will be sent by text
> message to those who sign up and by email to everyone.
> That organization has requested certain "whitelisting" to
> occur on our email gateways.
>
> I have done the whitelisting I can do on Postfix.
> If I had a better understanding of Postfix, it might have
> been better to have Postfix bypass MailScanner.
>
> Now I need to tell MailScanner to allow the email to
> bypass SpamAssassin and the virus checking software.
>
> Thus far I have not utilized any RuleSets files.
> The book says bypassing SpamAssassin does not
> bypass the virus checking.
>
> As I plan I am looking at these two modifications:
>
> --------------------------------------------------------------------------------
>
> 1) Add to
> /etc/MailScanner/rules/spam.whitelist.rules
> and enable use in /etc/MailScanner/MailScanner.conf
>
> From:		207.66.21.3		yes
> From:		69.25.199.33		yes
> From:		205.237.106.3		yes
> From:		@getrave.com		yes
> From:		@ravewireless.com	yes
> From:		@ravemobilesafety.com	yes
> From:		*cnm.edu at getrave.com	yes
> From:		No-reply at getrave.com	yes
>
> --------------------------------------------------------------------------------
>
> 2) Add to
> /etc/MailScanner/rules/virus.scanning.rules
> and enable use in /etc/MailScanner/MailScanner.conf
>
> From:		207.66.21.3		yes
> From:		69.25.199.33		yes
> From:		205.237.106.3		yes
> From:		@getrave.com		yes
> From:		@ravewireless.com	yes
> From:		@ravemobilesafety.com	yes
> From:		*cnm.edu at getrave.com	yes
> From:		No-reply at getrave.com	yes
>    
As the configuration setting is called "Virus Scanning =", then giving a 
response of "yes" will cause it to virus-scan those emails, which is the 
opposite of what you want. It's dead simple, all a ruleset does is vary 
the response to the configuration setting depending on properties of the 
message. So if you want to say "Virus Scanning = no" for messages from 
no-reply at getrave.com, then you clearly have to put "no" in the ruleset 
file line for that address.

There is a much simpler way, just use a ruleset on "Scan Messages" as 
that is the global switch you are looking for.

Jules.
> --------------------------------------------------------------------------------
>
> The two sets of lines are exactly the same in both of the files.
> It seems redundant. Because in a real emergency the
> service will "open multiple SMTP connections and attempt to
> send a large number of emails in a short period of time" I
> should be concerned with system load.
>
> Are my plans sufficient?
> Is there something more efficient I should consider?
>
>    

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM and twitter.com/MailScanner

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.