Loading ...
Sorry, an error occurred while loading the content.

Re: Whitelists

Expand Messages
  • Roman Gelfand
    I am using the following directive for filtering. The mail goes through 2 grey listing filters, bl lookup using policy_daemon, dkim, spf, dspam, etc... I
    Message 1 of 7 , Jan 1, 2012
    • 0 Attachment
      I am using the following directive for filtering. The mail goes
      through 2 grey listing filters, bl lookup using policy_daemon, dkim,
      spf, dspam, etc... I don't want to start adding a whitelist entry to
      every filter.

      smtpd_recipient_restrictions =
      permit_mynetworks,
      reject_unauth_destination,
      check_recipient_access pcre:/etc/postfix/dspam_check_aliases,
      check_sender_access pcre:/etc/postfix/dspam_check_aliases,
      check_policy_service inet:127.0.0.1:2501,
      check_policy_service inet:127.0.0.1:5525,
      reject_unlisted_recipient,
      check_policy_service inet:127.0.0.1:12525


      On Sun, Jan 1, 2012 at 11:31 PM, /dev/rob0 <rob0@...> wrote:
      > On Sunday 01 January 2012 21:56:43 Roman Gelfand wrote:
      >> I see there is a way to whitelist domain.
      >
      > Numerous ways, depending on what you mean by "domain".
      >
      >> Is it possible to whitelist sender email address?
      >
      > FWIW (very little, in fact) there is check_sender_access. Not a good
      > tool for whitelisting, because every email address is used as sender
      > by spammers, sooner or later.
      >
      > http://www.postfix.org/SMTPD_ACCESS_README.html
      > http://www.postfix.org/postconf.5.html#check_sender_access
      >
      >> Also, if I am running several filters, will postfix
      >> automatically disable filtering for this sender email address?
      >
      > Nothing is automatic. You either configure filtering, or not. Why
      > would you want to bypass filtering? Do you want to receive "bad"
      > content [which claims to be] from that address?
      >
      > You might do better here if you describe the problem you have that
      > you're wanting to solve. Generally I believe that whitelisting is the
      > wrong approach when spam blocking is too aggressive; if you take out
      > unsafe and unreasonable restrictions, most good mail will go through.
      >
      > If you're having trouble implementing something, see here:
      >
      > http://www.postfix.org/DEBUG_README.html#mail
      > --
      >  http://rob0.nodns4.us/ -- system administration and consulting
      >  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
    • Stan Hoeppner
      ... check_sender_access hash:/etc/postfix/whitelist ... /etc/postfix/whitelist example.com permit_auth_destination user@example2.com permit_auth_destination
      Message 2 of 7 , Jan 2, 2012
      • 0 Attachment
        On 1/1/2012 11:19 PM, Roman Gelfand wrote:
        > I am using the following directive for filtering. The mail goes
        > through 2 grey listing filters, bl lookup using policy_daemon, dkim,
        > spf, dspam, etc... I don't want to start adding a whitelist entry to
        > every filter.
        >
        > smtpd_recipient_restrictions =
        > permit_mynetworks,
        > reject_unauth_destination,
        check_sender_access hash:/etc/postfix/whitelist
        > check_recipient_access pcre:/etc/postfix/dspam_check_aliases,
        > check_sender_access pcre:/etc/postfix/dspam_check_aliases,
        > check_policy_service inet:127.0.0.1:2501,
        > check_policy_service inet:127.0.0.1:5525,
        > reject_unlisted_recipient,
        > check_policy_service inet:127.0.0.1:12525

        /etc/postfix/whitelist
        example.com permit_auth_destination
        user@... permit_auth_destination

        After creating or modifying /etc/postfix/whitelist do

        $ postmap whitelist

        See: man 5 access

        --
        Stan
      • /dev/rob0
        ... Roman mentioned filters , so naturally I thought he was referring to content filtering. Bypassing restrictions is done as Stan showed. ... My only
        Message 3 of 7 , Jan 2, 2012
        • 0 Attachment
          On Monday 02 January 2012 09:26:18 Stan Hoeppner wrote:
          > On 1/1/2012 11:19 PM, Roman Gelfand wrote:
          > > I am using the following directive for filtering. The mail goes
          > > through 2 grey listing filters, bl lookup using policy_daemon,
          > > dkim, spf, dspam, etc... I don't want to start adding a
          > > whitelist entry to every filter.

          Roman mentioned "filters", so naturally I thought he was referring to
          content filtering. Bypassing restrictions is done as Stan showed.

          > > smtpd_recipient_restrictions =
          > >
          > > permit_mynetworks,
          > > reject_unauth_destination,
          >
          > check_sender_access hash:/etc/postfix/whitelist

          My only additional suggestion would be that the filename should
          reflect a bit more of how it is used, i.e., "sender_whitelist".

          > > check_recipient_access pcre:/etc/postfix/dspam_check_aliases,
          > > check_sender_access pcre:/etc/postfix/dspam_check_aliases,
          > > check_policy_service inet:127.0.0.1:2501,
          > > check_policy_service inet:127.0.0.1:5525,
          > > reject_unlisted_recipient,
          > > check_policy_service inet:127.0.0.1:12525
          >
          > /etc/postfix/whitelist
          > example.com permit_auth_destination
          > user@... permit_auth_destination
          >
          > After creating or modifying /etc/postfix/whitelist do
          >
          > $ postmap whitelist
          >
          > See: man 5 access

          --
          http://rob0.nodns4.us/ -- system administration and consulting
          Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
        Your message has been successfully submitted and would be delivered to recipients shortly.