WhiteList Spam Blocking

White-lists are a way of blocking spam by accepting only pre-approved mail. Non-pre-approved senders are sent a short message asking them to respond, after which their mail is delivered. Spammers never respond.

White-lists have the advantage of blocking 100% of spam, and the disadvantage that they can block messages from automated senders that may have been valid (automated senders - like mailing lists - never respond either).

Consequently, the white-list method is only suitable where all senders are either known in advance, or are individuals that can be expected to respond.

The mailling list problem is partially circumvented by having the white-list user specify which mailing lists they are on, and there are ways of matching well known domains to cut down the unknown recipient problem.

So, to sum up - white-lists are fine if they are being operated by people prepared for some active management.

The actions of the white list code are controlled by the contents of a user's ~/.whitelistrc file. There is a template in ~s/pd/white-list/whitelistrc.

The white-list handler understands some commands sent by the owner. Put one of these commands into the subject line of a mail message sent to yourself:

accept address
adds address to the accept list and delivers any pending messages
deny address
adds address to the deny list and drops any pending messages
list pending
delivers a message containing a list of addresses of pending messages

White list maintenance

There is a command to maintain the white-list databases called whitelistc. It can be run from cron to remove old messages for which no response has arrived after a certain amount of time (presumably SPAM) and clean out the verification database. It can also roll-over the message log if logging is enabled in ~/.whitelistrc.

whitelistc --help will display a usage message, or try: man whitelistc.

The white-list handler logs every action taken in the logfile defined in ~/.whitelistrc by the value of LOGFILE. Each message processed is logged with a date, action taken, and reason.

Any errors in processing mail messages result in the message being delivered. If possible, an additional message is generated informing the user of the reason, and, if appropriate (non system resource exhaustion related errors), a diagnostic message is generated and sent to ADMIN_ADDRESS (if defined in ~/.whitelistrc).

To install white-list spam blocking for a user, first get them to give you a list of all the mailling lists they are on (which you can add to the MAILING_LISTS variable in the ~/.whitelistrc config file), then:

1. cd ~user
2. cp ~s/pd/white-list/whitelistrc .whitelistrc
3. edit .whitelistrc for user's details
4. chown user .whitelistrc; chmod 600 .whitelistrc
5. cp ~s/pd/white-list/dot_postie .postie
6. chown user .postie; chmod 700 .postie

Finally, add the following line to the user's crontab on staff only:

   1 0 * * 0   /usr/local/bin/whitelistc -o 672 -r 

Additionally, some users may like to be kept informed of recent additions to the verifications queue:

   1 6 * * *   /usr/local/bin/whitelistc -va 24