You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by andrewj <an...@andrewj.com> on 2010/06/12 17:20:57 UTC
Set for Whitelist Only?
I am migrating to a new server with SpamAssassin. I have a well-known email
address which is a common spam target, and I want to set it up so that only
addresses on my whitelist are allowed, everything else is automatically
blacklisted. How do I set this up?
Thanks
Andrew
--
View this message in context: http://old.nabble.com/Set-for-Whitelist-Only--tp28865599p28865599.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Set for Whitelist Only?
Posted by Charles Gregory <cg...@hwcn.org>.
On Sat, 12 Jun 2010, andrewj wrote:
> I am migrating to a new server with SpamAssassin. I have a well-known
> email address which is a common spam target, and I want to set it up so
> that only addresses on my whitelist are allowed, everything else is
> automatically blacklisted. How do I set this up?
Other advice on whitelisting aside, if your statement implies that you
are starting to use spamassassin on mail that was previously unfiltered
you might want to see how much spam actually still arrives in that mailbox
once SA is doing it's job. I found that even some of my hardest hit
mailboxes suddenly dropped down to a managable 3-4 spams delivered per day
when I got SA working on them.
- C
Re: Set for Whitelist Only?
Posted by John Hardin <jh...@impsec.org>.
On Sat, 12 Jun 2010, andrewj wrote:
> I am migrating to a new server with SpamAssassin. I have a well-known
> email address which is a common spam target, and I want to set it up so
> that only addresses on my whitelist are allowed, everything else is
> automatically blacklisted. How do I set this up?
Outside SA (assuming you have administrative access to the MTA). See, for
example, milter-regex or other MTA-level tools that allow you to filter
based on sender and recipient addresses.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
What nuts do with guns is terrible, certainly. But what evil or crazy
people do with *anything* is not a valid argument for banning that
item. -- John C. Randolph <jc...@idiom.com>
-----------------------------------------------------------------------
246 days since President Obama won the Nobel "Not George W. Bush" prize
Re: Set for Whitelist Only?
Posted by RW <rw...@googlemail.com>.
On Sat, 12 Jun 2010 08:20:57 -0700 (PDT)
andrewj <an...@andrewj.com> wrote:
>
> I am migrating to a new server with SpamAssassin. I have a well-known
> email address which is a common spam target, and I want to set it up
> so that only addresses on my whitelist are allowed, everything else
> is automatically blacklisted. How do I set this up?
This kind of thing can be very unforgiving. I'd do the whitelisting and
then add a header rule to add around 5 points for the particular
address. That way BAYES can save you if a sender changes address.
Re: Set for Whitelist Only?
Posted by Evan Platt <ev...@espphotography.com>.
On 06/12/2010 08:20 AM, andrewj wrote:
> I am migrating to a new server with SpamAssassin. I have a well-known email
> address which is a common spam target, and I want to set it up so that only
> addresses on my whitelist are allowed, everything else is automatically
> blacklisted. How do I set this up?
> Thanks
> Andrew
>
Why are you accepting e-mail to that address in the first place? You
should have your MTA not accept the mail in the first place.
Re: Set for Whitelist Only?
Posted by Martin Gregorie <ma...@gregorie.org>.
On Sat, 2010-06-12 at 08:59 -0700, andrewj wrote:
>
> Evan Platt wrote:
> >
> > Why are you accepting e-mail to that address in the first place? You
> > should have your MTA not accept the mail in the first place.
> >
>
> I want to accept email on that address from certain trusted users. I want to
> block everything except the whitelist. can I do this?
>
You don't say what your MTA is, but in Postfix you can do this at MTA
level with header_checks. It gives you the option of rejecting (REJECT),
silently discarding (DISCARD) or excluding the message from further
checks of this type (DUNNO). You can use Perl-type regular expressions
for this. The regexes in a .pcre file are executed in the order they are
listed, so something like
/^From:.*goodguy\@spamsource\.com/ DUNNO
/^From:.*\@spamsource\.com/ REJECT
should accept mail from goodguy@spamsource.com while rejecting all other
mail from spamsource.com. DUNNO is a Postfixism that says 'pretend
messages that match this regex weren't compared with this file's
contents.
Disclaimer: this has not been tested. It was merely written after
looking at the Postfix manual.
Martin
Re: Set for Whitelist Only?
Posted by Benny Pedersen <me...@junc.org>.
On søn 13 jun 2010 08:35:48 CEST, andrewj wrote
> Thanks. This looks like a good solution. Which files do I edit to set this?
> I'm using Plesk to set up the whitelist, so I haven't had to open the config
> files before.
i have no access to a plesk server, so ask them if and how you can do
this settings in there sa backend
if its natively in sa it must be in user_prefs or local.cf or sql based
try make this in to pleask as is and see if it done as is
--
xpoint http://www.unicom.com/pw/reply-to-harmful.html
Re: Set for Whitelist Only?
Posted by andrewj <an...@andrewj.com>.
Benny Pedersen wrote:
>
> whitelist_from frien@example.net
> blacklist_to yourownaddress@example.com
>
Thanks. This looks like a good solution. Which files do I edit to set this?
I'm using Plesk to set up the whitelist, so I haven't had to open the config
files before.
Andrew
--
View this message in context: http://old.nabble.com/Set-for-Whitelist-Only--tp28865599p28869402.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Set for Whitelist Only?
Posted by Benny Pedersen <me...@junc.org>.
On lør 12 jun 2010 17:59:51 CEST, andrewj wrote
> I want to accept email on that address from certain trusted users. I want to
> block everything except the whitelist. can I do this?
> Andrew
whitelist_from frien@example.net
blacklist_to yourownaddress@example.com
when friend write to you scores will be neotral, but for others thay
get the spam score for sending mail to your address
if friends email is on a domain with dkim or spf use
whitelist_auth friend@example.net
dont use willcards
--
xpoint http://www.unicom.com/pw/reply-to-harmful.html
Re: Set for Whitelist Only?
Posted by Dave Pooser <da...@pooserville.com>.
On 6/12/10 10:59 AM, "andrewj" <an...@andrewj.com> wrote:
> I want to accept email on that address from certain trusted users. I want to
> block everything except the whitelist. can I do this?
Do you want those users whitelisted globally, or just for that specific
address? If globally is fine, then just add the trusted users using
whitelist_auth (or whitelist_from if you must, but that is likely to cause
you pain down the road) and then create a local rule along the lines of
(untested, off the top of my head):
header AJ_NOT_TO_ABUSED To =~ /abusedaddress\@example\.com/
score AJ_NOT_TO_ABUSED 80.0
Messages from whitelisted users will start with a score of -20; messages
from other users will start with a score of 80.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-preserved piece, but to slide across the
finish line broadside, thoroughly used up, worn out, leaking oil, and
shouting GERONIMO!!!" -- Bill McKenna
Re: Set for Whitelist Only?
Posted by andrewj <an...@andrewj.com>.
Evan Platt wrote:
>
> Why are you accepting e-mail to that address in the first place? You
> should have your MTA not accept the mail in the first place.
>
I want to accept email on that address from certain trusted users. I want to
block everything except the whitelist. can I do this?
Andrew
--
View this message in context: http://old.nabble.com/Set-for-Whitelist-Only--tp28865599p28865820.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Set for Whitelist Only?
Posted by andrewj <an...@andrewj.com>.
Thanks to everyone who helped with this. A variant of Benny's suggestion
works, and can be implemented through plesk without editing the config files
directly:
1. Whitelist all acceptable sources.
2. Blacklist *@*.*
3. Set the reject score to a moderate value, e.g. 10
My whitelisted sources will have a neutral score, or maybe slightly higher,
but will go through. Anyone else will score at least 100 and be rejected.
Bingo!
Thanks
Andrew
--
View this message in context: http://old.nabble.com/Set-for-Whitelist-Only--tp28865599p28876824.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.