Mailing List Archive: SpamAssassin: users

whitelist mail from own host

Index | Next | Previous | View Threaded

stefan.jakobs at rus

May 6, 2008, 12:32 PM

Post #1 of 9 (156 views)
Permalink

whitelist mail from own host

Hello list,

here is a part of the header from a mail I like to whitelist:

X-Spam-Status: Yes, score=6.958 tagged_above=-999 required=5
tests=[BAYES_00=-2.599, NO_RELAYS=-0.001, SPOOF_COM2COM=2.272,
SPOOF_COM2OTH=2.044, URIBL_BLACK=1.955, URIBL_PH_SURBL=1.787,
URIBL_WS_SURBL=1.5]
Received: from server.mydomain.tld ([127.0.0.1])
by localhost (server.mydomain.tld [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id YNy7nG6dpfBy for <root[at]server.mydomain.tld>;
Tue, 6 May 2008 03:06:45 +0200 (CEST)
Received: by server.mydomain.tld (Postfix, from userid 0)
id 158EE552D2F; Tue, 6 May 2008 03:06:45 +0200 (CEST)
To: root[at]server.mydomain.tld
From: stats[at]server.mydomain.tld

The mail contains some mail statistics and therefore sometimes some URIs which
are blacklisted. I can not change the content. That's why I like to use:
whitelist_from_rcvd stats[at]server.mydomain.tld mydomain.tld

But that will not work! How can I whitelist this mail without
using 'whitelist_from stats[at]server.mydomain.tld'?

Thanks
Stefan

me at junc

May 6, 2008, 1:00 PM

Post #2 of 9 (150 views)
Permalink

Re: whitelist mail from own host [In reply to]

On Tue, May 6, 2008 21:32, Stefan Jakobs wrote:

> From: stats[at]server.mydomain.tld

add a spf record for this domain incl the subdomain :-)

then whitelist_auth *@server.mydomain.tld

adjust the whitelist score so it not default -100 but enough to get the mail
through

def_whitelist_auth *@mydomain.tld
whitelist_auth *@server.mydomain.tld

or

unwhitelist_auth *@mydomain.tld
whitelist_auth user[at]mydomain.tld

but add apf for a start

use this to be safe:

v=spf1 mx +all

i know some will say this is bad with +all, but think one more time then :-)

Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098

stefan.jakobs at rus

May 6, 2008, 2:02 PM

Post #3 of 9 (150 views)
Permalink

Re: whitelist mail from own host [In reply to]

On Tuesday 06 May 2008 22:00, Benny Pedersen wrote:
> On Tue, May 6, 2008 21:32, Stefan Jakobs wrote:
> > From: stats[at]server.mydomain.tld
>
> add a spf record for this domain incl the subdomain :-)

Yes, that's a possibility, but I can not do that. At least not in the near
future. Any other ideas?

<snip>
>
>
> Benny Pedersen

Greetings
Stefan

mouss at netoyen

May 6, 2008, 2:06 PM

Post #4 of 9 (150 views)
Permalink

Re: whitelist mail from own host [In reply to]

Stefan Jakobs wrote:
> Hello list,
>
> here is a part of the header from a mail I like to whitelist:
>
> X-Spam-Status: Yes, score=6.958 tagged_above=-999 required=5
> tests=[BAYES_00=-2.599, NO_RELAYS=-0.001, SPOOF_COM2COM=2.272,
> SPOOF_COM2OTH=2.044, URIBL_BLACK=1.955, URIBL_PH_SURBL=1.787,
> URIBL_WS_SURBL=1.5]
> Received: from server.mydomain.tld ([127.0.0.1])
> by localhost (server.mydomain.tld [127.0.0.1]) (amavisd-new, port 10024)
> with LMTP id YNy7nG6dpfBy for <root[at]server.mydomain.tld>;
> Tue, 6 May 2008 03:06:45 +0200 (CEST)
> Received: by server.mydomain.tld (Postfix, from userid 0)
> id 158EE552D2F; Tue, 6 May 2008 03:06:45 +0200 (CEST)
> To: root[at]server.mydomain.tld
> From: stats[at]server.mydomain.tld
>
> The mail contains some mail statistics and therefore sometimes some URIs which
> are blacklisted. I can not change the content. That's why I like to use:
> whitelist_from_rcvd stats[at]server.mydomain.tld mydomain.tld
>
> But that will not work! How can I whitelist this mail without
> using 'whitelist_from stats[at]server.mydomain.tld'?
>

I see from your headers that you use postfix and amavdis-new, and that
such messages are submitted with the sendmail command. if you trust the
machine (no php mail to outside), then you can skip filtering for mail
submitted via sendmail. to do so, just add
-o content_filter=
to the "pickup" service in master.cf

if you don't trust the machine, things get a bit more complex but it's
still feasible.

alternatively, use amavisd-new (policy banks, whitelists, ...). but if
you rely on the sender address, make sure to reject it in your smtpd
(you don't want to give spammers an open road).

me at junc

May 6, 2008, 2:31 PM

Post #5 of 9 (148 views)
Permalink

Re: whitelist mail from own host [In reply to]

On Tue, May 6, 2008 23:06, mouss wrote:

> you rely on the sender address, make sure to reject it in your smtpd
> (you don't want to give spammers an open road).

that was why i sugested spf

Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098

me at junc

May 6, 2008, 2:33 PM

Post #6 of 9 (148 views)
Permalink

Re: whitelist mail from own host [In reply to]

On Tue, May 6, 2008 23:02, Stefan Jakobs wrote:

> Yes, that's a possibility, but I can not do that. At least not in the near
> future. Any other ideas?

depends, but i like to know why spf can't work for you ?

Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098

mouss at netoyen

May 7, 2008, 6:22 AM

Post #7 of 9 (138 views)
Permalink

Re: whitelist mail from own host [In reply to]

Benny Pedersen wrote:
> On Tue, May 6, 2008 23:02, Stefan Jakobs wrote:
>
>
>> Yes, that's a possibility, but I can not do that. At least not in the near
>> future. Any other ideas?
>>
>
> depends, but i like to know why spf can't work for you ?
>

I don't speak for OP, but here is an example:

I want to be able to also send mail via my ISP (free.fr) using my own
email address, and since my ISP doesn't publish SPF records nor a list
of official outgoing servers, I can't afford to guess them (if one of
the authorized IP is later allocated to a spammer, this may ruin my
domain reputation. and if a new outgoing server is added, some servers
may block may mail).

Of course, I won't use a +all, because this is generally a sign spam (at
least this is how it is considered).

Now, OP can use DKIM, which doesn't interfere with relaying.

mouss at netoyen

May 7, 2008, 6:28 AM

Post #8 of 9 (139 views)
Permalink

Re: whitelist mail from own host [In reply to]

Benny Pedersen wrote:
> On Tue, May 6, 2008 23:06, mouss wrote:
>
>
>> you rely on the sender address, make sure to reject it in your smtpd
>> (you don't want to give spammers an open road).
>>
>
> that was why i sugested spf
>

blocking a sender in postfix is trivial. adding SPF support requires
additionnal software (and configuration...).

also, he can block a set of "internal/reserved" senders, and still allow
the domain (In contrast, SPF applies to the whole domain).

stefan.jakobs at rus

May 7, 2008, 2:35 PM

Post #9 of 9 (135 views)
Permalink

Re: whitelist mail from own host [In reply to]

On Tuesday 06 May 2008 23:06, mouss wrote:

<snip>

> I see from your headers that you use postfix and amavdis-new, and that
> such messages are submitted with the sendmail command. if you trust the
> machine (no php mail to outside), then you can skip filtering for mail
> submitted via sendmail. to do so, just add
> -o content_filter=
> to the "pickup" service in master.cf

That's a very good solution. Also saves me for equal problems in the future.
Thanks mouss!

> if you don't trust the machine, things get a bit more complex but it's
> still feasible.
>
> alternatively, use amavisd-new (policy banks, whitelists, ...). but if
> you rely on the sender address, make sure to reject it in your smtpd
> (you don't want to give spammers an open road).

Greetings
Stefan

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact lists@gossamer-threads.com