Amavis whitelistuje na zaklade From i Return-Path

[Adam Pribyl]

Provedl jsem upgrade mailserveru z etche na lennyho.

V amavisu pouzivam whitelistovani vlastnich domen a domena a emailu
zakazniku. V lennym ale amavis, zda se, zmenil chovani pri whitelistovani
a misto, aby whitelistoval na zaklade jen Return-Path jak je napsano v
dokumentaci

http://www.ijs.si/software/amavisd/#faq
# The (hard) w/b listing in amavisd-new works on envelope sender address
(i.e. the return-path). If triggered, the call to SA is skipped to save
time, as it would not have a chance to overrule the w/b list decision
already taken.
# The soft w/b listing in amavisd-new (the @score_sender_maps, available
since 2.0) also works on envelope sender address, but only modifies the
spam score as returned by SA, and does not bypass calling SA.

bere v potaz obe pole - jak From, tak Return-Path. V debug vystupu to pak
vypada takto:

Feb  1 00:16:54.650 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
Checking: 5hIX-LxPFIwM [187.50.230.174] <ll na alssnowmobile.com> ->
<pepan na mydomain.cz>
Feb  1 00:16:54.651 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
2822.From: <pepan na mydomain.cz>, 2821.Mail_From: <ll na alssnowmobile.com>

^^^ tady je videt, ze z mailu si vezme obe adresy - jak From z tela zpravy
tak Mail_From z hlavicky, ktera se domnivam je to same jako zminovany
envelope sender (i.e. return-path).

Feb  1 00:16:56.954 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
wbl: checking sender <ll na alssnowmobile.com>, <pepan na mydomain.cz>

^^^ nyni spusti whitelisting kontrolu obou (?) adres

Nasleduje kontrola prvni adresy, ktera nikam nesedi, ovsem

Feb  1 00:16:56.958 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
lookup (whitelist_recip<pepan na mydomain.cz>) => undef, "pepan na mydomain.cz"
does not match
Feb  1 00:16:56.958 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
query_keys: pepan na mydomain.cz, pepan@, mydomain.cz, .mydomain.cz, .cz, .
Feb  1 00:16:56.959 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
lookup_hash(pepan na mydomain.cz) matches key ".mydomain.cz", result=1
Feb  1 00:16:56.959 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
lookup (whitelist_sender) => true,  "pepan na mydomain.cz" matches,
result="1", matching_key=".mydomain.cz"
Feb  1 00:16:56.959 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
wbl: recip <pepan na mydomain.cz> whitelisted sender <pepan na mydomain.cz>
Feb  1 00:16:56.959 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
query_keys: pepan na mydomain.cz, pepan@, mydomain.cz, .mydomain.cz, .cz, .
Feb  1 00:16:56.959 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
lookup_hash(pepan na mydomain.cz) matches keys: "."=>ARRAY(0xad645a0)
Feb  1 00:16:56.959 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
lookup (score_sender), 1 matches for "pepan na mydomain.cz", results:
"."=>[Amavis::Lookup::RE=ARRAY(0xad63f50),HASH(0xad64200)]
Feb  1 00:16:56.960 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
lookup_re("pepan na mydomain.cz"), no matches
Feb  1 00:16:56.960 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
query_keys: pepan na mydomain.cz, pepan@, mydomain.cz, .mydomain.cz, .cz, .
Feb  1 00:16:56.960 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
lookup_hash(pepan na mydomain.cz), no matches
Feb  1 00:16:56.960 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
lookup (score_sender<pepan na mydomain.cz>) => undef, "pepan na mydomain.cz"
does not match
Feb  1 00:16:56.960 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
wbl: whitelisted sender <ll na alssnowmobile.com>, <pepan na mydomain.cz>
Feb  1 00:16:56.961 mailserver /usr/sbin/amavisd-new[28432]: (28432-07)
sender white/blacklisted, skipping spam_scan

u druhe samozrejme najde shodu s domenou. Tim padem se vynecha
spamassassin a vsechny maily s podvrzenou adresu From jsou povazovany za
whitelistovane... Nedari se mi prijit na to, jak amavis tohoto nesvaru
zbavit, resp. co se zmenilo, ze drive tyto maily normalne prochazeli pres
SA a nebyly whitelistovany.

Diky za kazdou radu


Adam Pribyl