28 Mar
2022
28 Mar
'22
4:15 p.m.
On Mon, Mar 28, 2022 at 04:04:08PM +0000, Andy Smith wrote:
If the email's envelope sender is unique to them,
then you could add
a match for it to a file like /etc/exim4/local_sender_allowlist, and
then at the place where you consider an email's SA score you can
exempt senders that match local_sender_allowlist from consideration.
I should point out that if you do this, or if you do similar with
the Debian machinery for CONFDIR/local_sender_whitelist, then you
would of course be letting in any mail whose envelope sender matched
what you specified.
I personally tend not to do an allowlist based solely on sender,
instead preferring to modify the SpamAssassin config which can check
for DKIM and/or SPF to authenticate it. So that's another plus point
of running your own SpamAssassin. It's quite simple in SA, it's just
something like:
######################################################################
# Allowlisted senders with valid DKIM. This works against the From:
# header.
######################################################################
whitelist_auth *(a)bbc.co.uk
######################################################################
# Allowlisted senders with valid SPF. Note this needs to use the
# envelope sender. Instead use above whitelist_auth if mail passes
# DKIM.
######################################################################
whitelist_from_spf *(a)nanog.org
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting