Whitelist/Allowlist for spam filtering by domain or IP

A Former User

As the title states, it would be nice to be able to whitelist to get around situations where those using your email service require emails from services like sendgrid that might get periodically blocked.

d19dotca

Just wanted to add that Haraka has both a DNSBL and a DNSWL, however it seems that the DNSWL is not enabled in the Haraka config yet, only the DNSBL is present.

http://haraka.github.io/plugins/dnswl/

It'd definitely be awesome if we could setup the DNSWL feature to allow a whitelist feed which then skips any DNSBL checks.

d19dotca

Just an FYI - I recently found (thanks to @girish for setting the wheels in motion for me to dig into this) that there is some form of whitelisting/allowlisting in SpamAssassin via Cloudron's UI. It's not perfectly matching what we are looking for in this feature request, but should help buy some time for those who need this capability right away. Here's the goods on it:

• The pros: you can use this right away!
• The cons: It's not a true "whitelist" since spam processing still proceeds (a true whitelist/allowlist in my mind means it completely skips spam processing completely), but setting the score to be incredibly low should effectively force all messages that may have otherwise been "spam" into the inbox for the user (and onwards for mailing lists too), it basically achieves the same result as we're wanting for the most part. I don't think it can be done by IP, but will work for domain. The values also accept wildcard characters to help "whitelist" an entire domain.

From the other post I made (pasting it here for convenience):

I can confirm through testing that if I add a section to the SpamAssassin rules such as the following, this works! So this is a great workaround to not having direct whitelisting capabilities, using the whitelist_to rule and score.

# whitelisting addresses
score USER_IN_WHITELIST_TO -100
whitelist_to email1@example.com
whitelist_to email2@example.com
whitelist_to *@test.com
Using the above (but of course substituting the actual email addresses) worked in my testing.

Similarly, the whitelist_from will work too on the opposite end of the equation... that will apply to who sent the message rather than who the message was directed to.

Hope this helps

Reference: https://forum.cloudron.io/post/33254

necrevistonnezr

Re-iterating this request as I had cases of important mail never reaching the mailboxes. It would be great to whitelist whole domains (e.g. your current employer's domain when doing home office as a freelancer.... )

necrevistonnezr

Also, including "auto whitelist" might be interesting:

• whitelisting all addresses you email to
• whitelisting from an LDAP address book

See https://cwiki.apache.org/confluence/display/spamassassin/ManualWhitelist

dtrckd

+1 for this feature. Especially, that zen.spamhaus.org, the default mail DNSBL used by Cloudron has a very harsh policy with ipv6 email. If one IP on a /64 ipv6 range is blacklisted, all the IP in that range get blacklisted :S.