This configuration is provided by the NethServer project, a CentOS clone which provides a full Postfix email server with Rspamd and many other good features: https://www.nethserver.org/
To manage the priority, blacklisted senders are rejected with a forced action, because the priority between blacklist and whitelist is hard to get right. For example, if you blacklist domain.org, user@domain.org could be blacklisted too, even if user@domain.org is whitelisted. Moreover, we want to use our own SMTP rejection message and not reject based on score, because a message rejected on score is rejected with a SPAM rejection message.
Each map is a file containing a list of email addresses or domains (one entry per line); the same applies to the IP whitelist.
- the `whitelist_from` and `blacklist_from` are maps for emails (user@domain.org)
- the `whitelist_from_domains` and `blacklist_from_domains` are maps for domains (sub.domain.org or domain.org)
- the `whitelist_to_domains` and `blacklist_to_domains` are maps for domains (sub.domain.org or domain.org); note that the configuration below defines no rule for `blacklist_to_domains`
- the `whitelist_ip` is a map for IP
# Create the (initially empty) map files that multimap.conf refers to.
# Keep these files writable only by the administrator: an entry in one of the
# whitelist maps makes matching mail skip the remaining checks.
for map_name in whitelist_ip whitelist_from whitelist_from_domains \
                blacklist_from blacklist_from_domains \
                whitelist_to whitelist_to_domains; do
    touch "/etc/rspamd/${map_name}.map"
done
Put the following configuration in /etc/rspamd/local.d/multimap.conf, then create your maps under /etc/rspamd (or under /var/lib/rspamd if you want to edit them from the UI, in which case the map paths in the configuration must be adjusted accordingly).
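# Whitelist by connecting IP address.
# This runs as a prefilter with action "accept", so mail from a listed address
# is accepted before the remaining checks run. List only hosts you operate or
# fully trust, and review the map regularly.
IP_WHITELIST {
    type = "ip";
    # Boolean, written as in the other rules of this file. The quoted form
    # ("true") is a string, which is easy to misconfigure: a non-empty string
    # such as "false" may still be treated as enabled.
    prefilter = true;
    map = "${CONFDIR}/whitelist_ip.map";
    action = "accept";
    symbol = "IP_WHITELIST";
    description = "Accept SMTP sender by exact IP address";
}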
# Whitelist individual sender addresses (user@domain.org).
# The sender address is supplied by the sending client and is not authenticated
# by this rule; because the rule is a prefilter with action "accept", any
# message carrying a listed sender address skips the remaining checks.
# Keep this map short. Where possible, prefer the IP whitelist or a whitelist
# tied to SPF/DKIM/DMARC results (Rspamd's whitelist module) over a bare
# address match.
FROM_WHITELIST {
    symbol = "FROM_WHITELIST";
    description = "Accept SMTP sender by exact email address";
    type = "from";
    filter = "email:addr";
    map = ["${CONFDIR}/whitelist_from.map"];
    prefilter = true;
    action = "accept";
}
# Whitelist sender domains by exact match.
# "email:domain" looks up the full domain part of the sender address, so an
# entry sub.domain.org matches user@sub.domain.org only.
# The sender domain is not authenticated by this rule, and a match accepts the
# message as a prefilter (the remaining checks are skipped): whitelist only
# domains you would accept unscanned mail from.
FROM_SUBDOMAINS_WHITELIST {
    symbol = "FROM_SUBDOMAINS_WHITELIST";
    description = "Accept SMTP sender by exact domain name";
    type = "from";
    filter = "email:domain";
    map = ["${CONFDIR}/whitelist_from_domains.map"];
    prefilter = true;
    action = "accept";
}
# Whitelist sender domains including their subdomains.
# "email:domain:tld" reduces the sender domain to its registrable (effective
# second-level) domain before the lookup, so an entry domain.org also covers
# user@sub.domain.org. It reads the same map as FROM_SUBDOMAINS_WHITELIST.
# This is the broadest sender whitelist on this page: one entry accepts,
# without further checks, mail claiming any host under that domain.
FROM_DOMAINS_WHITELIST {
    symbol = "FROM_DOMAINS_WHITELIST";
    description = "Accepted SMTP sender by top level domain name suffix";
    type = "from";
    filter = "email:domain:tld";
    map = ["${CONFDIR}/whitelist_from_domains.map"];
    prefilter = true;
    action = "accept";
}
# Blacklist individual sender addresses (user@domain.org).
# This rule only inserts the FROM_BLACKLIST symbol; it sets no action itself.
# The rejection is performed by the REJECT_FROM_BLACKLIST rule in
# force_actions.conf, which refers to this symbol.
FROM_BLACKLIST {
    symbol = "FROM_BLACKLIST";
    description = "Reject SMTP sender by exact email address";
    type = "from";
    filter = "email:addr";
    map = ["${CONFDIR}/blacklist_from.map"];
}
# Blacklist sender domains by exact match.
# "email:domain" looks up the full domain part of the sender address, so an
# entry sub.domain.org matches user@sub.domain.org only.
# Only the symbol is inserted here; REJECT_FROM_BLACKLIST in
# force_actions.conf turns it into a rejection.
FROM_SUBDOMAINS_BLACKLIST {
    symbol = "FROM_SUBDOMAINS_BLACKLIST";
    description = "Reject SMTP sender by exact domain name";
    type = "from";
    filter = "email:domain";
    map = ["${CONFDIR}/blacklist_from_domains.map"];
}
# Blacklist sender domains including their subdomains.
# "email:domain:tld" reduces the sender domain to its registrable (effective
# second-level) domain before the lookup, so an entry domain.org also covers
# user@sub.domain.org. It reads the same map as FROM_SUBDOMAINS_BLACKLIST.
# Only the symbol is inserted here; REJECT_FROM_BLACKLIST in
# force_actions.conf turns it into a rejection.
FROM_DOMAINS_BLACKLIST {
    symbol = "FROM_DOMAINS_BLACKLIST";
    description = "Reject SMTP sender by top level domain name suffix";
    type = "from";
    filter = "email:domain:tld";
    map = ["${CONFDIR}/blacklist_from_domains.map"];
}
# Whitelist recipient domains by exact match.
# "email:domain" looks up the full domain part of the recipient address.
# As a prefilter with action "accept", a match means mail addressed to the
# listed domain is accepted without the remaining checks, whoever sent it.
# Use it only for recipients that must receive unfiltered mail.
TO_SUBDOMAINS_WHITELIST {
    symbol = "TO_SUBDOMAINS_WHITELIST";
    description = "Accept SMTP recipient by exact domain name";
    type = "rcpt";
    filter = "email:domain";
    map = ["${CONFDIR}/whitelist_to_domains.map"];
    prefilter = true;
    action = "accept";
}
# Whitelist recipient domains including their subdomains.
# "email:domain:tld" reduces the recipient domain to its registrable
# (effective second-level) domain before the lookup, so an entry domain.org
# also covers user@sub.domain.org. It reads the same map as
# TO_SUBDOMAINS_WHITELIST.
# A match accepts the message as a prefilter, so every mailbox under a listed
# domain receives mail without the remaining checks.
TO_DOMAINS_WHITELIST {
    symbol = "TO_DOMAINS_WHITELIST";
    description = "Accept SMTP recipient by top level domain name suffix";
    type = "rcpt";
    filter = "email:domain:tld";
    map = ["${CONFDIR}/whitelist_to_domains.map"];
    prefilter = true;
    action = "accept";
}
# Whitelist individual recipient addresses (user@domain.org).
# A match accepts the message as a prefilter, so mail addressed to a listed
# mailbox is delivered without the remaining checks. Keep the list limited to
# mailboxes that really need unfiltered delivery.
TO_WHITELIST {
    symbol = "TO_WHITELIST";
    description = "Accept SMTP recipient by exact email address";
    type = "rcpt";
    filter = "email:addr";
    map = ["${CONFDIR}/whitelist_to.map"];
    prefilter = true;
    action = "accept";
}
Then, in /etc/rspamd/local.d/force_actions.conf:
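# The force_actions module reads its rules from a "rules" section; a rule
# placed at the top level of this file is not picked up, and blacklisted
# senders would then not be rejected. If this file already has a "rules"
# section, add REJECT_FROM_BLACKLIST inside it.
rules {
    # Reject, with our own SMTP message, any mail for which one of the three
    # sender blacklist symbols from multimap.conf was inserted. The sender
    # whitelists are prefilters with action "accept", so a whitelisted sender
    # is accepted before these blacklist symbols are evaluated.
    REJECT_FROM_BLACKLIST {
        action = "reject";
        message = "Sender email address rejected";
        expression = "FROM_BLACKLIST | FROM_SUBDOMAINS_BLACKLIST | FROM_DOMAINS_BLACKLIST";
    }
}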
After this change the rspamd service must be restarted. The maps are loaded every 5 minutes (default settings); otherwise rspamd must be reloaded.