Whitelist/Allowlist for spam filtering by domain or IP
Just wanted to add that Haraka has both a DNSBL and a DNSWL, however it seems that the DNSWL is not enabled in the Haraka config yet, only the DNSBL is present.
It'd definitely be awesome if we could setup the DNSWL feature to allow a whitelist feed which then skips any DNSBL checks.
Just an FYI - I recently found (thanks to @girish for setting the wheels in motion for me to dig into this) that there is some form of whitelisting/allowlisting in SpamAssassin via Cloudron's UI. It's not perfectly matching what we are looking for in this feature request, but should help buy some time for those who need this capability right away. Here's the goods on it:
- The pros: you can use this right away!
- The cons: It's not a true "whitelist" since spam processing still proceeds (a true whitelist/allowlist in my mind means it completely skips spam processing completely), but setting the score to be incredibly low should effectively force all messages that may have otherwise been "spam" into the inbox for the user (and onwards for mailing lists too), it basically achieves the same result as we're wanting for the most part. I don't think it can be done by IP, but will work for domain. The values also accept wildcard characters to help "whitelist" an entire domain.
From the other post I made (pasting it here for convenience):
I can confirm through testing that if I add a section to the SpamAssassin rules such as the following, this works! So this is a great workaround to not having direct whitelisting capabilities, using the whitelist_to rule and score.
# whitelisting addresses score USER_IN_WHITELIST_TO -100 whitelist_to firstname.lastname@example.org whitelist_to email@example.com whitelist_to *@test.com Using the above (but of course substituting the actual email addresses) worked in my testing.
whitelist_fromwill work too on the opposite end of the equation... that will apply to who sent the message rather than who the message was directed to.
Hope this helps