[Mimedefang] white listing $senders
Jeffrey Goldberg
jeffrey at goldmark.org
Wed Jul 7 18:43:03 EDT 2004
I wish to whitelist early based on $sender. (I will only whitelist
domains that publish SPF records).
I want to double check that what I am thinking is correct. So here is
what I have done (but not "turned on" yet)
The multiplexor is called with -s
My goal is
(a) to leave some messages untampared with
(b) to save processing (specifically unnessary spamassassin checks)
To mimedefang-filter I've added the following two functions
sub filter_sender {
my ($sender, $ip, $hostname, $helo) = @_;
return('ACCEPT_AND_NO_MORE_FILTERING', "Sender whitelisted")
if is_whitelisted($sender, $ip);
return ('CONTINUE', "ok");
}
sub is_whitelisted {
my ($sender, $ip) = @_;
my ($whitelistfile) = '/var/spool/MIMEDefang/whitelist.txt' ;
return true if ($ip =~ /^192\.168/ );
if(open (WHITELIST, "< $whitelistfile" )) {
@whitelist = <WHITELIST> ;
return true if grep { /\b$sender$/i } @whitelist ;
}
return false;
}
The file /var/spool/MIMEDefang/whitelist.txt will contain a list of email
addresses and domains each on a line by itself. (I already see that I
forgot to chomp). It might look like
mydomain.example
friendsdomain.example
netflix.com
some-customer at isp.example
other-customer at isp2.example
and so on.
I have a couple of questions.
(1) Other than my forgetting to chomp are there other errors in the code
that people notice.
(2) Will the whitelist file be opened anew with every incoming mail? or
will it only be opened when the mutliplexor starts a slave?
(3) If the answer to (2) is "every time" is there something I can to fix
that while still keeping the whitelist in an external file?
(4) I'm using bayes autolearn for spamassassin, if I by-pass spamassassin
with this whitelisting am I depriving the autolearn system with
important information?
I also have a few policy questions.
(4) What I'm doing will exempt whitelisted mail not only from defanging,
bad extention checks and SpamAssassin, but also from virus scanning.
Is that stupid? Note that at the site in question almost all (but
not all) email users are on Linux. Of the few MS-Windows users,
almost everyone (but not everyone) is using a Mozilla based MUA.
(But I know that there is at least one Outhouse user still, and
that is not going to change).
-j
--
Jeffrey Goldberg http://www.goldmark.org/jeff/
Relativism is the triumph of authority over truth, convention over justice
Hate spam? Boycott MCI! http://www.goldmark.org/jeff/anti-spam/mci/
More information about the MIMEDefang
mailing list