In sf_mfilter_local.txt add this and populate as desired.... (this
will have modest results initially but will work better with new
builds that will pay more attention to the whitelisting score)
ChrisP.
# Rules for trusted domains based on SPF, we check the address in
the 'spf' header is the domain we trust... (since from may be
forged)
if (isin("Received-SPF","res=PASS")) then
if (rexp("Received-SPF","\
<service@intl\.paypal\.com\>"))
then
setflag("_TRUSTDOM")
end if
end if
# Rules for trusted domains based on DKIM (preferred), there is no
need to add these ones to the spf rules above too, only use spf if
no dkim header...
if (isin("Authentication-Results","dkim=pass")) then
if (rexp(from,
"service@intl\.paypal\.com$")) then
setflag("_TRUSTDOM")
end if
if (rexp(from,HIDDEN@es\.audible\.com\.au$")) then
setflag("_TRUSTDOM")
end if
end if
# If source is verified by spf or dkim, and domain is enherrently
trustworthy, then zero out the spam score...
if (evalflags("_TRUSTDOM")) then
call feature_manual(0.01,"TrustedDom")
end if
On 21/04/2016 2:21 a.m., Steven wrote:
What is the best practice for example if you wanted to make
sure certain legit domains are never sent challenge emails?
Example: Utilities sending bills or statements,
Amazon/Online senders sending delivery updates, or other
automated messages.
The goal is for them to get through BUT you still want to
make sure SPF checks are complete. In other words I'd like to
globally whitelist a domain but only from the legitimate
source. We won't want them to get quarantined or challenged
ever.
Thanks in advance for any advice.
