Sahil Tandon wrote:
On Sun, 17 Jan 2010, Daniel L. Miller wrote:
The goal is simple - there are some people & businesses my company
needs to correspond with no matter how strict my filter, and no
matter how badly the remote site is configured. Waiting to receive
a message carrying critical business information is simply
unacceptable - so I need an alternative. ASSP provides me with one
- by the simple act of a user sending a message to a remote, that
address and/or domain is immediately whitelisted and immediately
bypasses nearly all the spam filters (virus scans still occur).
I do not know of a stock Postfix feature that provides this
functionality. amavisd-new has 'pen pals' which does something similar
to what you desire. Question: does ASSP simply whitelist the envelope
sender if it matches the envelope recipient of a message sent by one of
your users? That is to say, are messages spoofed with whitelisted
envelope senders simply given a free pass through all your checks?
Not 100% - but close. There are also options (which I use) which
whitelist not only the targeted recipient, but any other mail fields
(like reply-to, list-*, etc) get added, and whitelisting the entire
domain rather than just the one mail user.
Bayesian checks, greylist, and few other ASSP checks are bypassed - but
SPF & SenderBase are still in effect. I believe there is also some MX
validation that also takes place - but for the most part I would say
spoofed senders could bypass the checks. Should this happen, such
senders can be placed on a "redlist" which means they can never be added
to the whitelist - and must pass the usual checks. Commonly spoofed
addresses like yahoo, google, etc I have in the redlist.
In the last couple years I've been using it - I've never had a problem
with spoofed addresses.
--
Daniel
