Has anyone figured out how to whitelist KnowBe4 phishing tests? I am not sure where I would go about putting in the rules. They list spamassassin with some rules to put in but not sure where in EFA I would put those rules. Thanks in advance.
Phil
Knowbe4 whitelisting
Re: Knowbe4 whitelisting
Try adding this in your local.cf. I don't use the knowbe4 service, but believe this should essentially be what you are asking for.
Add to /etc/mail/spamassassin/local.cf
header __KNOWBE4_1 X-Mailer =~ /KnowBe4/i
header __KNOWBE4_2 X-Sender =~ /\@kb4\.com/i
header __KNOWBE4_3 X-SenderBaseID =~ /knowbe4\.com/i
meta KNOWBE4_PHISH (__KNOWBE4_1 || __KNOWBE4_2 || __KNOWBE4_3)
score KNOWBE4_PHISH -100.0
Save the file, then run spamassassin --lint. If there is no output, means that the local.cf passes the test, then restart spamassassin - systemctl restart spamassassin Let me know how it goes.
Add to /etc/mail/spamassassin/local.cf
header __KNOWBE4_1 X-Mailer =~ /KnowBe4/i
header __KNOWBE4_2 X-Sender =~ /\@kb4\.com/i
header __KNOWBE4_3 X-SenderBaseID =~ /knowbe4\.com/i
meta KNOWBE4_PHISH (__KNOWBE4_1 || __KNOWBE4_2 || __KNOWBE4_3)
score KNOWBE4_PHISH -100.0
Save the file, then run spamassassin --lint. If there is no output, means that the local.cf passes the test, then restart spamassassin - systemctl restart spamassassin Let me know how it goes.