[milters] Archive

Lists Index Date Thread Search

Article: 55
From: Anthony Howe
Date: 2004-09-17 15:10:29 -0400
Subject: Re: How did I make myself white listed?

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Leland T. Snyder wrote:
> Removal...........: milters-request@milter.info?subject=remove
> More information..: http://www.milter.info/#Support
> --------------------------------------------------------
> 
> I have an entry in access to relay to a specific host, but it should
pass through the spamd filter before forwarding on.
> Sep 17 13:58:22 spamsys milter-spamc[31989]: checking "/etc/mail/access.db"
for "to:ltsnyder@bikepart.com"
> Sep 17 13:58:22 spamsys milter-spamc[31989]: checking "/etc/mail/access.db"
for "to:bikepart.com"
> Sep 17 13:58:22 spamsys milter-spamc[31989]: access DB
key="to:bikepart.com" value="RELAY"
> Sep 17 13:58:22 spamsys milter-spamc[31989]: 00001 i8HHw27s031991: recipient
<ltsnyder@bikepart.com> white listed, skipping
> 
> as far as I know all components are up, I tested a test message with spamc and the
proper "passed through spamassassin" headers were passed back.
> 
> I'm guessing that sendmail is passing the message to milter-spamc (based off the log
entry) but spamd processing is being skipped because of the white list state of the
recipient.

I'm a little confused by what you are asking here, since the 
white-listing appears to be working as documented.

A To:domain entry in access.db will by-pass most of my milters, like 
milter-spamc, unless you insert:

	milter-spamc-to:domain	REJECT

REJECT is not an action, but a negative. A more descriptive, less 
confusing version of the same line would be:

	milter-spamc-to:domain	HATER

In other words:

	to:domain		RELAY
	milter-spamc-to:domain	HATER

Says to sendmail to relay the domain and to milter-spamc to filter the 
mail regardless.  milter-spamc-* tags take precedence over their more 
generic sendmail variants.

This has been applied in all my milters, so for example your could say 
for a domain/address from/to to skip milter-sender, but scan with 
milter-spamc.  Each milter that does B/W testing has milter-NAME-* tags 
to override the generic variants used by sendmail.

I added these override tags after a mass-mailing virus found its way 
into the company and was by-passing all the filters, because I had 
white-listed the internal LAN.

So to correct that problem I had modify milter-spamc and had in access.db:

	Connect:192.168.1		RELAY
	milter-spamc-connect:192.168.1	HATER

The Connect: tag told sendmail to relay and milter-sender/milter-siq to 
ignore mail from these connections, while milter-spamc would filter for 
content always.

I hope this addresses your question some what.

Anthony Howe


> 
> -Lee
> 
> 


Lists Index Date Thread Search