[prev in list] [next in list] [prev in thread] [next in thread]
List: amavis-user
Subject: Re: whitelist sender domain 'Return-path:' vs 'From:'
From: Dominic Raferd <dominic () timedicer ! co ! uk>
Date: 2018-03-21 17:44:31
Message-ID: CAF9Mo3K6c5KBVotAq0mEJu+HesQye9xUdccqKHTQAArv0AtWEg () mail ! gmail ! com
[Download RAW message or body]
On 21 March 2018 at 16:44, Martin Johannes Dauser <mdauser@cs.sbg.ac.at>
wrote:
> Regarding that whitelist_sender_maps would work on 'From:' header, not the
> envelope sender, I can not comply!
>
> I set buxdehu.de in whitelist
>
> Then I telnet to my mailserver
>
> $ *telnet localhost 25*
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 220 mail.cs.sbg.ac.at ESMTP Postfix (RHEL/GNU)
> *EHLO mail.cs.sbg.ac.at <http://mail.cs.sbg.ac.at>*
> 250-mail.cs.sbg.ac.at
> 250-PIPELINING
> 250-SIZE 52428800
> 250-VRFY
> 250-ETRN
> 250-STARTTLS
> 250-XFORWARD NAME ADDR PROTO HELO SOURCE PORT IDENT
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
> *MAIL FROM:<lala@buxdehu.de>*
> 250 2.1.0 Ok
> *RCPT TO:<mdauser@cs.sbg.ac.at>*
> 250 2.1.5 Ok
> *DATA*
> 354 End data with <CR><LF>.<CR><LF>
> *FROM: lumlum@la.la <lumlum@la.la>*
> *SUBJECT: testmail*
>
> *test*
> *.*
> 250 2.0.0 Ok: queued as 31F66200A4D2
> *QUIT*
>
> And I get
> X-spam-status: No, score=x required=6 WHITELISTED tests=[]
>
> So at least in my setup it's the envelope sender which is observed.
>
> A failure of mine in the previous posts was, that I used quotes within the
> files for whitelisting.
> Thats's a baaad idea.
>
> Best regards
> Martin Johannes Dauser
>
> On Wed, 2018-03-21 at 14:35 +0000, Dominic Raferd wrote:
>
>
>
> On 26 February 2018 at 16:34, Dominic Raferd <dominic@timedicer.co.uk>
> wrote:
>
> I have now updated my 50-user.conf to this:
> $interface_policy{'10024'} = 'INCOMING';
> $policy_bank{'INCOMING'} = {
> whitelist_sender_maps => [ read_hash('/etc/amavis/whitelist') ],
> };
>
>
> Note that this whitelisting technique works on the address given in the
> 'From:' header, not the envelope sender (aka Return-Path).
>
> Each address in /etc/amavis/whitelist (one per line, comments and blank
> lines are ignored) can be whole email address, domain only, or domain
> preceded by dot in which case it matches emails from domain *and* any
> subdomains:
>
> # example amavis whitelist file
>
> amavis-users@amavis.org
> .currys.co.uk
> zpg.co.uk
>
> After updating the file you (probably - untested) have to reload amavis
> for it to take account of the changes. If you have systemd:
> systemctl reload-or-restart amavis
>
>
Interesting but in my setup it is definitely the From: header that is
compared, I have numerous examples, and I cannot find a single
counter-example (where an email is whitelisted and the whitelist can only
be because of the envelope sender). I guess there must be some subtle
difference in our setup?
[Attachment #3 (text/html)]
<div dir="ltr"><div class="gmail_default" style="font-size:small"><br></div><div \
class="gmail_extra"><br><div class="gmail_quote">On 21 March 2018 at 16:44, Martin \
Johannes Dauser <span dir="ltr"><<a href="mailto:mdauser@cs.sbg.ac.at" \
target="_blank">mdauser@cs.sbg.ac.at</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div><div>Regarding that whitelist_sender_maps would work on \
'From:' header, not the envelope sender, I can not \
comply!</div><div><br></div><div>I set <a href="http://buxdehu.de" \
target="_blank">buxdehu.de</a> in whitelist </div><div><br></div><div>Then I telnet \
to my mailserver </div><div><br></div><div style="margin-left:3ch"><div>$ \
<i><b>telnet localhost 25</b></i></div><div>Trying 127.0.0.1...</div><div>Connected \
to localhost.</div><div>Escape character is '^]'.</div><div>220 <a \
href="http://mail.cs.sbg.ac.at" target="_blank">mail.cs.sbg.ac.at</a> ESMTP Postfix \
(RHEL/GNU)</div><div><i><b>EHLO <a href="http://mail.cs.sbg.ac.at" \
target="_blank">mail.cs.sbg.ac.at</a></b></i></div><div><a \
href="http://250-mail.cs.sbg.ac.at" \
target="_blank">250-mail.cs.sbg.ac.at</a></div><div>250-PIPELINING</div><div>250-SIZE \
52428800</div><div>250-VRFY</div><div>250-ETRN</div><div>250-STARTTLS</div><div>250-XFORWARD \
NAME ADDR PROTO HELO SOURCE PORT \
IDENT</div><div>250-ENHANCEDSTATUSCODES</div><div>250-8BITMIME</div><div>250 \
DSN</div><div><i><b>MAIL FROM:<<a>lala@buxdehu.de></a></b></i></div><div>250 \
2.1.0 Ok</div><div><i><b>RCPT \
TO:<<a>mdauser@cs.sbg.ac.at></a></b></i></div><div>250 2.1.5 \
Ok</div><div><i><b>DATA</b></i></div><div>354 End data with \
<CR><LF>.<CR><LF></div><div><b><i>FROM: <a \
href="mailto:lumlum@la.la" \
target="_blank">lumlum@la.la</a></i></b></div><div><b><i>SUBJECT: \
testmail</i></b></div><div><b><i><br></i></b></div><div><b><i>test</i></b></div><div><b><i>.</i></b></div><div>250 \
2.0.0 Ok: queued as 31F66200A4D2</div><div><b><i>QUIT</i></b></div></div><div></div><div><br></div><div>And \
I get </div><div style="margin-left:3ch"><div>X-spam-status: No, score=x required=6 \
WHITELISTED tests=[]</div></div><div><br></div><div>So at least in my setup it's \
the envelope sender which is observed.</div><div><br></div><div>A failure of mine in \
the previous posts was, that I used quotes within the files for \
whitelisting.</div><div>Thats's a baaad idea.</div><div><br></div><div>Best \
regards</div><div>Martin Johannes Dauser</div><div><br></div><div>On Wed, 2018-03-21 \
at 14:35 +0000, Dominic Raferd wrote:</div><blockquote type="cite"><div \
dir="ltr"><div style="font-size:small"><br></div><div class="gmail_extra"><br><div \
class="gmail_quote">On 26 February 2018 at 16:34, Dominic Raferd <span \
dir="ltr"><<a href="mailto:dominic@timedicer.co.uk" \
target="_blank">dominic@timedicer.co.uk</a>></span> wrote:<br><blockquote \
type="cite">I have now updated my 50-user.conf to this:<br> \
$interface_policy{'10024'} = 'INCOMING';<br> \
$policy_bank{'INCOMING'} = {<br> <span> whitelist_sender_maps => [ \
read_hash('/etc/amavis/whiteli<wbr>st') ],<br> \
</span>};<br></blockquote><div> </div></div></div><div class="gmail_extra"><div \
style="font-size:small">Note that this whitelisting technique works on the address \
given in the 'From:' header, not the envelope sender (aka \
Return-Path).</div><div style="font-size:small"><br></div><div \
style="font-size:small">Each address in /etc/amavis/whitelist (one per line, comments \
and blank lines are ignored) can be whole email address, domain only, or domain \
preceded by dot in which case it matches emails from domain *and* any \
subdomains:</div><div style="font-size:small"><br></div><div \
style="font-size:small"># example amavis whitelist file</div><div \
style="font-size:small"><br></div><div style="font-size:small"><a \
href="mailto:amavis-users@amavis.org" \
target="_blank">amavis-users@amavis.org</a></div><div style="font-size:small">.<a \
href="http://currys.co.uk" target="_blank">currys.co.uk</a></div><div \
style="font-size:small"><a href="http://zpg.co.uk" \
target="_blank">zpg.co.uk</a></div><br></div><div class="gmail_extra"><div \
style="font-size:small">After updating the file you (probably - untested) have to \
reload amavis for it to take account of the changes. If you have systemd:</div><div \
style="font-size:small">systemctl reload-or-restart \
amavis</div><br></div></div></blockquote></div></blockquote><div><br></div><div \
class="gmail_default" style="font-size:small">Interesting but in my setup it is \
definitely the From: header that is compared, I have numerous examples, and I cannot \
find a single counter-example (where an email is whitelisted and the whitelist can \
only be because of the envelope sender). I guess there must be some subtle \
difference in our setup?</div></div><br></div></div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic