On 26 maj 2009, at 11.05, Raimo Niskanen wrote: > On Mon, May 25, 2009 at 10:45:03PM +0200, Per-Olov Sjvholm wrote: >> On 25 maj 2009, at 17.50, patrick keshishian wrote: >> >>> On Mon, May 25, 2009 at 4:03 AM, Per-Olov Sjvholm <p...@incedo.org> >>> wrote: >>>> Hi misc >>>> >>>> I was trying to add: >>>> "se" or "*.se" to /etc/mail/spamd.alloweddomains which obviously >>>> wont >>>> work... >>>> >>>> But adding "xxx.se" works.... >>>> >>>> >>>> l really want to add the whole SE domain as we do not get that much >>>> spam >>>> from SE and will have a lot less administration. >>> >>> I think you don't understand the purpose of spamd.alloweddomains >>> file. >>> re-reading spamd(8) might be helpful. hint: pay close attention to >>> the >>> phrase "destination address" >>> >>> --patrick >> >> >> Yes >> >> you are right. >> >> I removed the spamd.alloweddomains file and all blacklisted headache >> disappeared... :-) I was actually looking for a OpenBSD built in >> replacement for milter-greylist where you could specify regular >> expressions for white listed senders. But it seems you could not >> white >> list senders e-mail adresses, domains or regular expression >> combinations with spamd. Or could I ??? > > Not as it is. > > But senders addresses are in spam faked. MTA domain > could be an useful whitelisting criteria. > There is a famous script by Bob Beck called "greyscanner" > that parses the spamdb database and traps hosts that > are on the grey list. That script calls "spamdb -t -a ..." > but could maybe be modified to also whitelist > MTA hosts based on their HELO name (after checking > reverse DNS lookup). > > Otherwise a common solution is to have another pf table > in addition to spamd-white (I called it spamd-gold) to > give permanent whitelisting based on IP address by > pf rules such as: > table <spamd-gold> persist file "/etc/mail/spamd-gold" > : > no rdr inet proto tcp from <spamd-gold> to any port smtp > > And then manually add your friendly IP ranges... >
I do not see what the MTA:s domain name have to do with the senders domain? Not useful... I do not want to white list all ISP IP:s in Sweden. I want to white list sender domains (partners, customers etc,) or parts of it. A table is useless here as it whitelist IP:s . I will find another solution. for it.... Regarding HELO checking. I have milter-regex and a few other nice tools here :-) Thanks /Per-Olov > >> >> /Per-Olov >> >> -- >> GPG keyID: 5231C0C4 >> GPG fingerprint: B232 3E1A F5AB 5E10 7561 6739 766E D29D 5231 C0C4 >> GPG key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x766ED29D5231C0C4 > > -- > > / Raimo Niskanen, Erlang/OTP, Ericsson AB -- GPG keyID: 5231C0C4 GPG fingerprint: B232 3E1A F5AB 5E10 7561 6739 766E D29D 5231 C0C4 GPG key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x766ED29D5231C0C4
