On 13 Sep 2006 at 10:50, Theo Van Dinter wrote: > If you want something specifically always whitelisted, yes, it needs > a whitelist_* config somewhere. If user prefs are disabled, it would > need to be in a site-wide config file, though not necessarily local.cf > (*.cf is fine).
That sounds reasonable. I'll create a file (whitelist.cf) for manually whitelisting senders. Am I right in thinking that I will need to HUP SA after each edit? > > best method allow mortal users (via http) to whitelist senders. I had > > been using `$f->add_address_to_whitelist ($addr)` but that seems to > > specifically add them to the whitelist DB. > > There's no SA function that will force a whitelist/create a config file > for you. If you have a web interface already, I'd add some code to > allow users to paste in the headers of a message they want whitelisted. > From there, you can parse out the information (using SA function if you > like) to create a whitelist entry (try to do whitelist_from_rcvd, and > only failback to whitelist_from if necessary since it's easily forged). > I'd probably save that info in a DB or something, and then periodically > update a cf file and restart spamd. I agree using the header is the best method, but I can't imagine my users cutting and pasting headers. I think a saved email, uploaded and parsed, as you say with `parse` would be a easier route for my users to take. The only other concern is security of the files in /etc/spamassassin. That needs some thought, perhaps SUExec might help. > Even better, if someone wants a sender whitelisted, do it in whatever you have > calling SA if possible. I have tried this but without success. I am using Exim (exim 4.5 and sa-exim) and I appear to have lost the access control that exim provides. The would also have the same security problem with this method, EG: allowing a httpd to write to file in /etc. Still it might be a worth investigating. Thanx for taking the time and the advice. I am a bit clearer now. Regards, Dp.
