Whitelist host for spam only

[sehh]

How can I whitelist a remote host so that mail from that host does not get scanned by SpamAssassin for spam?

I looked at "/etc/skipsmtpcheckhosts" but that skips ALL checks and allows the remote host to even use my server as a proxy. I also looked at "/etc/senderverifybypasshosts" and "/etc/trustedmailhosts" but they are not useful.

Thank you.

[cPanelMattCurry]

Hello,

I do apologize for your issues, however as far I see that would be the most common way of doing this. The only other way would be to customize this to your personal setup as you have described below. This would mean custom ACLs, and unfortunately this is not something we could support directly.

Thank you,
Matthew Curry

[sehh]

Understood.

Unfortunately, its an all-or-nothing situation. I only need to by-pass SA from scanning a specific host, but I don't want to give them full access.

Temporarily, I've given then full access by adding their host in the "/etc/skipsmtpcheckhosts" file, but I can't allow that for long.

[cpanelstephen]

You can accomplish this by adding the following line to the check_message ACL in your exim configuration:

Code:

 accept sender_domains = lsearch;/etc/spamfreedomains

To do this, go to WHM -> Exim Configuration Editor -> Advanced Editor, and place the aforementioned line so the check_message looks like this:

Code:

check_message:
#  Enabling this will make the server non-rfc compliant
#  require verify = header_sender
 accept  hosts = 127.0.0.1 : +relay_hosts

 accept sender_domains = lsearch;/etc/spamfreedomains

If possible, you may want to consider implementing this whitelist based on the source host IP, rather than the domain. While an unlikely scenario, this would prevent people from masquerading as that domain, and circumventing your spam filters as a result.

To do this, you would simply change the ACL addition to:

Code:

 accept hosts = net-iplsearch;/etc/spamfreehosts

Note that either way you implement this, you will need to create the /etc/spamfree(hosts|domains) file before applying the changes. Failing to do this will render that ACL, and message delivery in a broken state.

Code:

touch /etc/spamfreedomains
chown root:mail /etc/spamfreedomains
chmod 0750 /etc/spamfreedomains

[sehh]

wow, man you are good!

thank you very much for taking the time to write the above solution.

much appreciated!

[sehh]

Stephen,

can you please give a similar example for whole email addresses? For example:

/etc/spamfreeemails

which would contain whole email addresses, like:

user@emaildomain.com


Thank you!