From 327c43692a56587532d8bc1ae46f13f6def427c8 Mon Sep 17 00:00:00 2001 From: Christoph Date: Tue, 26 Feb 2019 12:38:27 +0100 Subject: [PATCH] Add global sender whitelist. Add virus_lovers. --- install_amavis.sh | 165 ++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 161 insertions(+), 4 deletions(-) diff --git a/install_amavis.sh b/install_amavis.sh index cfb3efa..fb47964 100755 --- a/install_amavis.sh +++ b/install_amavis.sh @@ -3227,8 +3227,38 @@ if ! $installation_failed ; then echo_ok fi +echononl " Create file '/etc/postfix/sender_whitelist'" +if [[ ! -f "/etc/postfix/sender_whitelist" ]]; then + cat << EOF > /etc/postfix/sender_whitelist 2> '$tmp_err_msg' +# - Example '/etc/postfix/sender_whitelist' +# - +# - Used by Amavis Configuration 'whitelist_sender_maps' / '%whitelist_sender' +# - +# - #full email address +# - some.trustworthy@doma.in 1 +# - +# - #full local part +# - some.trustworthy@ 1 +# - +# - #full email domain +# - in.domain.we.trust 1 +# - +# - #accepting sub domains +# - .we.trust 1 +# - +EOF + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $tmp_err_msg)" + fi +else + echo_skipped +fi + echononl " Create file '/etc/postfix/spam_lovers'" -if [[ ! -f "" ]]; then +if [[ ! -f "/etc/postfix/spam_lovers" ]]; then cat << EOF > /etc/postfix/spam_lovers 2> '$tmp_err_msg' # - Example '/etc/postfix/spam_lovers' # - @@ -3255,6 +3285,34 @@ else echo_skipped fi +echononl " Create file '/etc/postfix/virus_lovers'" +if [[ ! -f "/etc/postfix/virus_lovers" ]]; then + cat << EOF > /etc/postfix/virus_lovers 2> '$tmp_err_msg' +# - Example '/etc/postfix/virus_lovers' +# - +# - # Adresses +# - adress@domain1.com 1 +# - [..] +# - +# - # All addresses of a domain +# - domain2.com 1 +# - [..] +# - +# - # All adresses of a domain except a single user +# - adress_1@domain3.com 0 +# - domain3.com 1 +# - +EOF + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $tmp_err_msg)" + fi +else + echo_skipped +fi + ## - Configure amavis in /etc/amavis/conf.d ## - @@ -3322,7 +3380,7 @@ use strict; # !! smtpd_proxy_filter - see master.cf !! # # -#$inet_socket_port = [10024, 10026]; +#\$inet_socket_port = [10024, 10026]; # Bypass spam checking fro trusted networks # @@ -3331,7 +3389,7 @@ use strict; # bypass_spam_checks_maps => [1], # bypass_header_checks_maps => [1], # final_spam_destiny => D_PASS, -# $final_bad_header_destiny = D_PASS, +# final_bad_header_destiny = D_PASS, #}; @@ -3352,14 +3410,113 @@ use strict; ## - overrides settings in 15-content_filter_mode ## - + +## - Global whitelisting of senders. +## - +## - Don't know if this works !! +## - +@whitelist_sender_maps = (\%whitelist_sender); + +## - %whitelist_sender = ( +## - # Full E-Mail Adresses +## - adress1@domain1.com => '1', +## - [..] +## - # Full local Part +##- adresse2@ +## - # All addresses of a domain +## - domain2.com => '1', +## - [..] +## - # Accept Sub Domains +## - .domain3.com => '1', +## - ); +## - +## - But we will use the read_hash function to read in a list +## - of senders from the external file '/etc/postfix/sender_whitelist' +## - +## - Example '/etc/postfix/sender_whitelist' +## - +## - some.trustworthy@doma.in #full email address +## - some.trustworthy@ #full local part +## - in.domain.we.trust #full email domain +## - .we.trust #accepting sub domains +## - +## - +read_hash(\%whitelist_sender, '/etc/postfix/sender_whitelist'); + + +## --- ## - Default antivirus checking mode +## --- + +## - bypass_virus_checks_maps +## - +## - Addresses/Domains listet here will not be checked. +## - +## - !! Notice !! +## - +## - Virus checks are bypassed only if all of the recipients of a message have +## - been added to one of these variables. If even one recipient is not listed, +## - virus-checking will still be performed. To ensure that virus is still delivered +## - to whitelisted recipients in such cases, use the "virus_lovers" features +## - see below. ## - @bypass_virus_checks_maps = ( \%bypass_virus_checks, \@bypass_virus_checks_acl, \\\$bypass_virus_checks_re); -## - Default SPAM checking mode +## - We will use '%bypass_virus_checks_maps'. So we could set: +## - +## - %bypass_virus_checks = ( +## - # Adresses +## - adress@domain1.com => '1', +## - [..] +## - # All addresses of a domain +## - domain2.com => '1', +## - [..] +## - # All adresses of a domain except a single user +## - address_1@domain3.com => '0', +## - domain3.com => '1', +## - ); ## - +## - But we will use the read_hash function to read in a list +## - of recipients from the external file '/etc/postfix/spam_lovers' +## - +## - Example '/etc/postfix/virus_lovers' +## - +## - # Adresses +## - adress@domain1.com 1 +## - [..] +## - +## - # All addresses of a domain +## - domain2.com 1 +## - [..] +## - +## - # All adresses of a domain except a single user +## - adress_1@domain3.com 0 +## - domain3.com 1 +## - +read_hash(\%bypass_virus_checks, '/etc/postfix/virus_lovers'); + + +## - virus_lovers_maps +## - +## - For Adresses/Domains listet at spam_lovers_maps, no spam actions (like +## - adding spam headers or discarding the mail) will be performed. +## - +@virus_lovers_maps = ( + \%virus_lovers, \@virus_lovers_acl, \\\$virus_lovers_re); + +## - We will use the read_hash function to read in a list of recipients +## - from the external file '/etc/postfix/spam_lovers' into '%spam_lovers'. +## - +## - For more explanations see above +## - +read_hash(\%virus_lovers, '/etc/postfix/virus_lovers'); + + +## --- +## - Default SPAM checking mode +## --- ## - bypass_spam_checks_maps ## -