Cool Solutions

Whitelisting by IP address in SpamAssassin



By:

April 22, 2008 1:48 pm

Reads: 21

Comments:1

Score:4

Product: GroupWise 7
Agent: GWIA
Third Party Product: Guinevere 3.4 and/or SpamAssassin 3.23 for anti-spam

Problem:

With open relays denied by default, I had problems with allowing internal servers relaying mail to our GroupWise Internet Agent. The GWIA logs would show parts of the conversation (the beginning and the end) with no errors, but mail was not getting through. This was discovered to be an issue with SpamAssassin. Our SpamAssassin happens to be integrated with Guinevere, though this solution should also work for a non-integrated SpamAssassin.

It seems like an odd message flow, but mail relayed to GWIA, be it an internal or external destination, comes in before going out. This makes it susceptible to spam scanning.

Because of the application that was doing the relaying, whitelisting was not an option since the sender and receiver could both vary. As a result, I had to create a custom rule that would allow me to specify the IP address of the sending server in SpamAssassin.

Solution:

To do this, you will edit your local.cf file. In Guinevere, the default location is in the \sarules\default\ folder. In SpamAssassin, the default is /etc/mail/spamassassin/. Add the following lines where you place your custom rules within the local.cf file:

header RULE_NAME Received=~ /\[serverIPaddr\]/
score RULE_NAME -99
describe RULE_NAME Allows relays from serverIPaddr

Of course, the ‘serverIPaddr’ part will be replaced with the IP address of the relaying server. Be sure to include the brackets and all other special characters shown. Also make sure that RULE_NAME is the same in all three places.

This rule will look in the Received= line of a header for the presence of the server’s IP address enclosed in braces. If it finds it, a value of -99 will be applied to the spam score for this email (standard for SA’s whitelisting).

VN:F [1.9.22_1171]
Rating: 4.0/5 (1 vote cast)
Whitelisting by IP address in SpamAssassin, 4.0 out of 5 based on 1 rating

Categories: Uncategorized

Disclaimer: This content is not supported by Novell. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.

1 Comment

  1. By:alex_vs

    Or what about using like this in your SpamAsassin user config:

    trusted_networks 127.0.0.1

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)

Comment

RSS