Quote:
Originally Posted by flyinraptr  Running v5.0.13 - open source on Ubuntu 8.04. Following the guide on this site adjusted the percentages for Spam reject and deletion to block out more spam - it is working satisfactorily as less spam is ending up in the inbox & junk folder, however, there are a couple sites that are now being deleted that I would like to receive without opening the whole thing back up. Haven't been able to find anything with regards to creating a "whitelist". Is this possible and could someone point me in the right direction on how to do it?
Thanks |
FWIW, we don't like to whitelist any email address ever. Our reasoning is that the user's PC whose email address you are whitelisting may one day get infected, and then you have enabled their PC to send who-knows-how-many millions of spam emails, or emails containing malware through
your Zimbra server.
So, we prefer to "pre-score" certain email addresses instead.
This mod won't stick between Zimbra upgrades, but it provides for a level control and adjustment that just out and out whitelisting doesn't.
To do this, just find the section in
/opt/zimbra/conf/amavisd.conf.in that starts with:
Code:
# read_hash("/var/amavis/sender_scores_sitewide"),
{ # a hash-type lookup table (associative array)
'nobody@cert.org' => -3.0,
'cert-advisory@us-cert.gov' => -3.0,
'owner-alert@iss.net' => -3.0,
'slashdot@slashdot.org' => -3.0,
'securityfocus.com' => -3.0,
'ntbugtraq@listserv.ntbugtraq.com' => -3.0,
'security-alerts@linuxsecurity.com' => -3.0, Add the email addresses you wish to "whitelist" to this list.
The way it works is that the "-3.0" Amavis tells Spamassassin is the "pre-score" for all emails from that email address.
In the absence of a prescore, inbound emails have a score of zero before being screened by SpamAssassin. If the SpamAssassin test results generate a score above either threshold, the email is discarded or marked as spam and sent to the Junk folder.
Say for example your users get emails from a less-than RFC-compliant configured email server, so all the emails from that server arrive with a score of 6.5 or so; your Zimbra users will likely not ever see those emails, and they will complain.
So, if you prescore those senders with -3.0, then those emails which would otherwise have earned a 6.5 score will now get a 3.5 score and make it to your Zimbra users' Inboxes, ending the complaints.
But, if the sender starts sending real junk/malware/viruses, that truly junk email will likely get a score well above 10.0. With a prescore of -3.0, the net score (7.0) will still be high enough to have that junk email filtered out by Zimbra, protecting your users.
BTW, after you modify the
/opt/zimbra/conf/amavisd.conf.in file, you'll need to run as the zimbra user
zmamavisctl stop; zmamavisctl start.
Hope that helps,
Mark
Bugzilla
Wiki
Source
Linear Mode
