Difference between revisions of "IP Address whitelisting"

(amavisd.conf.in)
(amavis_client_whitelist)
Line 22: Line 22:
 
  /opt/zimbra/postfix/sbin/postmap /opt/zimbra/postfix/conf/amavis_client_whitelist
 
  /opt/zimbra/postfix/sbin/postmap /opt/zimbra/postfix/conf/amavis_client_whitelist
  
oh noes:
+
That will create a Berkeley DB:
 
 
<pre>
 
zimbra@zimbra:~$ /opt/zimbra/postfix/sbin/postmap /opt/zimbra/postfix/conf/amavis_client_whitelist
 
Segmentation fault
 
</pre>
 
 
 
but ...:
 
  
 
<pre>
 
<pre>

Revision as of 01:22, 23 December 2009

This shows how to disable anti-spam checking of all emails coming from an IP address -- in other words whitelist an IP address instead of conventional domain name whitelisting.


Everything here is done as the zimbra user. Let's say you want to whitelist all the emails coming from 192.168.1.1:

postfix_recipient_restrictions.cf

Enter following line at the top of: /opt/zimbra/conf/postfix_recipient_restrictions.cf

check_client_access hash:/opt/zimbra/postfix/conf/amavis_client_whitelist

amavis_client_whitelist

Create a file: /opt/zimbra/postfix/conf/amavis_client_whitelist

vi /opt/zimbra/postfix/conf/amavis_client_whitelist
192.168.1.1 FILTER smtp-amavis:[127.0.0.1]:10026

Converting amavis_client_whitelist an ASCII form file into maptype database file:

/opt/zimbra/postfix/sbin/postmap /opt/zimbra/postfix/conf/amavis_client_whitelist

That will create a Berkeley DB:

zimbra@zimbra:~$ file /opt/zimbra/postfix/conf/amavis_client_whitelist.db
/opt/zimbra/postfix/conf/amavis_client_whitelist.db: Berkeley DB (Hash, version 8, native byte-order)

amavisd.conf.in

Enter following in /opt/zimbra/conf/amavisd.conf.in:

NOTE: Make sure you use the amavisd.conf.in and NOT amavisd.conf

 $inet_socket_port = [10024, 10026];                     # change from original setting
 $interface_policy{'10026'} = 'CLIENTWHITELIST';              
 $policy_bank{'CLIENTWHITELIST'} = {                          
   bypass_spam_checks_maps   => [1],                          
   final_spam_destiny   => D_PASS,                      
 };

if you want to bypass virus checking too:

 $policy_bank{'CLIENTWHITELIST'} = {                          
   bypass_spam_checks_maps   => [1],                          
   final_virus_destiny => D_PASS,
   final_spam_destiny   => D_PASS,                      
 };

http://www.webservertalk.com/archive390-2006-8-1467502.html

Restart postfix and amavisd

 zmmtactl restart && zmamavisdctl restart
Jump to: navigation, search