efa-project.org


https://forum.efa-project.org/

How to use phishing.safe.sites.custom ?

https://forum.efa-project.org/viewtopic.php?t=3227

Page 1 of 1

How to use phishing.safe.sites.custom ?

Posted: 22 Nov 2018 13:05
by ovizii
I had read (somewhere) that I can add safe sites in here to mitigate the problem that the global "bad" list lists onedrive.live.com and play.google.com by listing them inside phishing.safe.sites.custom - and yet even after restarting Mailscanner, these lists still get marked as phishing fraud.

Did anyone succeed and can explain how this works?

Re: How to use phishing.safe.sites.custom ?

Posted: 27 Nov 2018 11:51
by henk
As I have no answer, you could try Shortcircuit to bypass the blacklist, as onedrive.live.com is listed in phishing.bad.sites.conf

Code: Select all

/etc/mail/spamassassin/local.cf

ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
# default: strongly-whitelisted mails are *really* whitelisted now, if the
# shortcircuiting plugin is active, causing early exit to save CPU load.
# Uncomment to turn this on
#
shortcircuit USER_IN_WHITELIST on
shortcircuit USER_IN_DEF_WHITELIST on
# shortcircuit USER_IN_ALL_SPAM_TO on
# shortcircuit SUBJECT_IN_WHITELIST on

# the opposite; blacklisted mails can also save CPU
#
shortcircuit USER_IN_BLACKLIST on
shortcircuit USER_IN_BLACKLIST_TO on
# shortcircuit SUBJECT_IN_BLACKLIST on

# if you have taken the time to correctly specify your "trusted_networks",
# this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED on

# and a well-trained bayes DB can save running rules, too
#
shortcircuit BAYES_99 spam
# shortcircuit BAYES_00 ham


whitelist_from info@onedrive.live.com
whitelist_from info@play.google.com

blacklist_from info@spammers.be


endif # Mail::SpamAssassin::Plugin::Shortcircuit

Re: How to use phishing.safe.sites.custom ?

Posted: 29 Nov 2018 20:41
by ovizii
Thanks for the workaround. I'll do that until someone finds a better way.

Re: How to use phishing.safe.sites.custom ?

Posted: 16 Jan 2019 10:58
by henk
As I was looking for something completely different, I found this: https://www.real-world-systems.com/docs ... nConf.html

Whitelist and Blacklist options

unwhitelist_from uname@domain.com
Overrides a default whitelist_from entry, for example a distribution whitelist_from can be overridden in local.cf or for an individual user user_prefs.
The address has to match exactly the address previously used in a whitelist_from line. Examples:

unwhitelist_from joe@example.com fred@example.com
unwhitelist_from ∗example.com

unblacklist_from joe@ress.com
Used to override a default blacklist_from entry,

Re: How to use phishing.safe.sites.custom ?

Posted: 05 Mar 2019 11:54
by ovizii
Sounds good. here is a link to a more current documentation: https://spamassassin.apache.org/full/3. ... _Conf.html

I'm going ahead and will use:

unblacklist_from *@onedrive.live.com
unblacklist_from *@play.google.com
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited