Solved

Postfix & spamassassin - how to whitelist smtp auth connections

Posted on 2004-08-13
7
2,989 Views
Last Modified: 2008-01-09
I am running postfix, amavis, apamassassin, and razor and it is working well.

However I do have a minor problem in that sometimes email from people outside the office is classed as spam because they are using dynamic IP addresses etc... They all use SMTP AUTH (no TLS) to our mail server.

I have had a look but postfix does not appear to add any custom headers when people send mail via SMTP AUTH.
Is there any way to configure postfix to add a custom header so that I can then look for it and whitelist these emails in spamassassin?
0
Comment
Question by:grblades
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 11795274
I don't know if you can generate a header for authenticated connections w/Postfix, but you can explictly whitelist those users in the SpamAssassin prefs.
0
 
LVL 36

Author Comment

by:grblades
ID: 11795313
The problem with whitelisting those users is that any spam pretending to be from them will get through which is not that uncommon.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 11796836
Quite true, but the alternative is losing the mail by it being classified as spam. I'd accept a bit more spam to be sure that I didn't trash a legitimate email.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 22

Expert Comment

by:pjedmond
ID: 11801536
The spamassassin whitelist format for local.cf examples:

whitelist_from      *rhn.redhat.com
whitelist_from      *@apple.com
whitelist_from  boss@yahool.com
whitelist_from  *@mycompany.com

Yes we know that they can be spoofed.........
0
 
LVL 9

Accepted Solution

by:
_GeG_ earned 500 total points
ID: 11801922
sorry, no fully featured solution, but maybe a hint ;):
check http://advosys.ca/papers/postfix-filtering.html
They have an interesting way to involve the filtering.
If you invoke spamassasin etc by a recipient map,
you can disable it for authenticated users, if you set

smtpd_recipient_restrictions = permit_sasl_authenticated
    check_recipient_access hash:/etc/postfix/filtered_domains
    ....

because the authenticated users are permitted in the first line, the rest must pass the filter. Of course this works only if you use sasl for authentication.
0
 
LVL 36

Author Comment

by:grblades
ID: 11802110
I'll have a look at that but I think it will be very difficult to implement with my configuration.

In postfix's master.cf file I have the normal smtp port defined as accepting email with a content filter to pass email onto amavis for virus checking. Amavis then passes the email back to postfix on a different port which then uses a content filter procmail:spamassassin to sent to spamd. Spamd then send the mail back to postfix using sendmail compatability and it gets delivered via procmail/lmtp.
This means each email goes through procmail 3 times.
I have to be carefull not to defing a default content filter etc... otherwise mail goes round in a continuous loop!
0
 
LVL 36

Author Comment

by:grblades
ID: 11882273
Thanks I haven't implemented anything in procmail. In the end I just reduced the score allocated to dynamic IP addresses as this has made very little difference to the spam we detect.

If we start getting lots of spam being sent from compromised home machines then I will need to look at this again.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Install XRDP on Ubuntu Server 16.10 x64 3 117
check the file dates in unix 14 77
ifconfig related commands 6 22
leap year shell script 10 53
Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question