How to use phishing.safe.sites.custom ?

Questions and answers about how to do stuff
Post Reply
ovizii
Posts: 456
Joined: 11 May 2016 08:08

How to use phishing.safe.sites.custom ?

Post by ovizii » 22 Nov 2018 13:05

I had read (somewhere) that I can add safe sites in here to mitigate the problem that the global "bad" list lists onedrive.live.com and play.google.com by listing them inside phishing.safe.sites.custom - and yet even after restarting Mailscanner, these lists still get marked as phishing fraud.

Did anyone succeed and can explain how this works?

henk
Posts: 392
Joined: 14 Dec 2015 22:16
Location: Netherlands
Contact:

Re: How to use phishing.safe.sites.custom ?

Post by henk » 27 Nov 2018 11:51

As I have no answer, you could try Shortcircuit to bypass the blacklist, as onedrive.live.com is listed in phishing.bad.sites.conf

Code: Select all

/etc/mail/spamassassin/local.cf 

ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
# default: strongly-whitelisted mails are *really* whitelisted now, if the
# shortcircuiting plugin is active, causing early exit to save CPU load.
# Uncomment to turn this on
#
shortcircuit USER_IN_WHITELIST on
shortcircuit USER_IN_DEF_WHITELIST on
# shortcircuit USER_IN_ALL_SPAM_TO on
# shortcircuit SUBJECT_IN_WHITELIST on

# the opposite; blacklisted mails can also save CPU
#
shortcircuit USER_IN_BLACKLIST on
shortcircuit USER_IN_BLACKLIST_TO on
# shortcircuit SUBJECT_IN_BLACKLIST on

# if you have taken the time to correctly specify your "trusted_networks",
# this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED on

# and a well-trained bayes DB can save running rules, too
#
shortcircuit BAYES_99 spam
# shortcircuit BAYES_00 ham


whitelist_from info@onedrive.live.com
whitelist_from info@play.google.com

blacklist_from info@spammers.be


endif # Mail::SpamAssassin::Plugin::Shortcircuit

ovizii
Posts: 456
Joined: 11 May 2016 08:08

Re: How to use phishing.safe.sites.custom ?

Post by ovizii » 29 Nov 2018 20:41

Thanks for the workaround. I'll do that until someone finds a better way.

henk
Posts: 392
Joined: 14 Dec 2015 22:16
Location: Netherlands
Contact:

Re: How to use phishing.safe.sites.custom ?

Post by henk » 16 Jan 2019 10:58

As I was looking for something completely different, I found this: https://www.real-world-systems.com/docs ... nConf.html

Whitelist and Blacklist options

unwhitelist_from uname@domain.com
Overrides a default whitelist_from entry, for example a distribution whitelist_from can be overridden in local.cf or for an individual user user_prefs.
The address has to match exactly the address previously used in a whitelist_from line. Examples:

unwhitelist_from joe@example.com fred@example.com
unwhitelist_from ∗example.com

unblacklist_from joe@ress.com
Used to override a default blacklist_from entry,

ovizii
Posts: 456
Joined: 11 May 2016 08:08

Re: How to use phishing.safe.sites.custom ?

Post by ovizii » 05 Mar 2019 11:54

Sounds good. here is a link to a more current documentation: https://spamassassin.apache.org/full/3. ... _Conf.html

I'm going ahead and will use:

unblacklist_from *@onedrive.live.com
unblacklist_from *@play.google.com

Post Reply