Skip to content

Instantly share code, notes, and snippets.

@ThomasLeister
Last active May 9, 2024 10:49
Show Gist options
  • Save ThomasLeister/f41adad98bb46d0c8418de50b5efb4a0 to your computer and use it in GitHub Desktop.
Save ThomasLeister/f41adad98bb46d0c8418de50b5efb4a0 to your computer and use it in GitHub Desktop.
How to whitelist IP addresses or domains in Rspamd

Whitelist IP addresses based on pre-filter policy

/etc/rspamd/local.d/multimap.conf:

  IP_WHITELIST {
      type = "ip";
      prefilter = true;
      map = "/${LOCAL_CONFDIR}/local.d/ip_whitelist.map";
      action = "accept";
  }

/etc/rspamd/local.d/ip_whitelist.map:

  192.168.122.3
  192.168.122.4

Lower spam score of e-mails with a certain domain name (post-filter mode)

/etc/rspamd/local.d/multimap.conf:

  WHITELIST_SENDER_DOMAIN {
      type = "from";
      filter = "email:domain";
      map = "/etc/rspamd/local.d/whitelist.sender.domain.map";
      score = -6.0
  }

/etc/rspamd/local.d/whitelist.sender.domain.map:

  meinedomain.tld
  anderedomain.tld
@sneak
Copy link

sneak commented May 31, 2021

Is it okay to put v6 IPs in the ip_whitelist.map? Should they be put in brackets?

@williamdes
Copy link

The docs say it's regexp not regex
See: https://rspamd.com/doc/modules/multimap.html#maps-content

@TonyGravagno
Copy link

Good catch, @williamdes - It probably would have been better if Booleans were globally regex while actual expressions were regexp, but it's too late to go back.

@williamdes
Copy link

Thanks, for now this is still not working.
So I would argue that prefilter should be false. It seems to not define a action anyway. But defines a score, that is the second reason to think it should be false.

I am still unsure why it's not working anyway

@williamdes
Copy link

Good catch, @williamdes - It probably would have been better if Booleans were globally regex while actual expressions were regexp, but it's too late to go back.

I am not too sure what to conclude about your reply, I definitely it's regexp since this example on the page you linked: https://rspamd.com/doc/modules/multimap.html#regexp-maps

@TonyGravagno
Copy link

I'm saying you're right - The code from @Gerben-W has regex and the doc definitely has regexP. So, good on you for catching that.

My comment was only a whimsical lament - I think most of us easily confuse and interchange property values named RegEx or RegexP, etc, just because there is no standard abbreviation. And in Rspamd we see the name, with and without P, used chaotically.

@jniltinho
Copy link

Hello,

How do I put a blocking filter for
real_hostname or from_hostname,

using regex like

mail-yw1-f173.google.com
/^mail-.*google\.com$/i

@TonyGravagno
Copy link

TonyGravagno commented Mar 20, 2024

@jniltinho This gist is about whitelist/allow, not blacklist/reject. However, blocking is done with a few more parmeters and by specifying the pre-filter map parameter

prefilter = true;
action = "reject";
filter = "real_hostname";

See also Received Filter.

( Not tested, I believe this is correct and will edit if required. )

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment