King0770-Notes-Whitelist-Phishing-Service

Revision as of 18:34, 20 December 2018 by King0770 (talk | contribs) (Created page with "If you need to whitelist a phishing service that will test your employees, you can do either solutions or both.<br> Whitelist the Phishing service domain.<br> <br> <code><pre...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

If you need to whitelist a phishing service that will test your employees, you can do either solutions or both.

Whitelist the Phishing service domain.

zmprov md example.com +amavisWhitelistSender phishtest.com      <<== note the use of the plus sign

and/or

zmprov md example.com +amavisWhitelistSender testing@phishtest.com      <<== note the use of the plus sign


If the phishing test service uses specific headers, you may need to allow these messages as well.
Example X-PHISHTEST: PRILOCK
One option, is to create a custom/local spamassassin rule that gives a negative score e.g. -99 such that nothing else could add up to a high enough score to be flagged.

What you can do is add the following to the /opt/zimbra/data/spamassassin/localrules/sauser.cf file as the zimbra user. 

describe PH_CHK Phishing Header Test
header   PH_CHK X-PHISHTEST =~ /^PRILOCK$/
score    PH_CHK -99.0

Create the file if it doesn't exist.

Next restart zimbra amavis to pick up the changes. 

zmamavisdctl restart

More articles written by me, https://wiki.zimbra.com/wiki/King0770-Notes

Retrieved from "http://wiki.zimbra.com/index.php?title=King0770-Notes-Whitelist-Phishing-Service&oldid=66080"
Jump to: navigation, search