MailSite Knowledge Base

This document gives examples of ways to to create trusted sender lists, or "White Lists", in MailSite Anti Spam. Trusted sender lists ensure that messages sent from specific addresses or domains are neither quarantined as suspected spam nor rejected as definite spam, even if the messages have attracted a high spam score.

Some messages that attract a high spam score might not come from spammers. Even trusted senders can send badly formatted messages, or messages with embedded images or profanities. Only a message recipient can say with 100% certainty whether or not a message that attracts a high spam score is unwanted, or spam. Often end users have opted in to mailing lists that send out messages that fit all commonly accepted definitions of spam, but they are not spam because they are not unsolicited.

The aim of White Lists is to reduce the risk that messages sent from trusted senders or trusted domains will be either quarantined (identified as suspected spam and delivered to Junk Mail folders) or, even worse, rejected outright as definite spam.

One of the key advantages of MailSite Anti Spam is the power and flexibility provided by the close integration of Sophos PureMessage with MailSite's Sieve Filtering. This integration provides administrators and end users with the unique ability to create and administer filtering Rules that meet each organization's (or each individual's) particular requirements. This includes Rules specifying that messages from trusted senders should be handled differently to other messages. This flexibility places far more power into the hands of administrators and end users than the alternative of having a restricted set of pre-configured filtering options.

The following is a sample of some of the many ways in which Trusted Sender Lists can be applied in MailSite.

Example 1: Defining server level white lists

If you wish to have a white list that is applied for all users on the server, then you need to define the white list in the Server Receive Script, and then make use of it alongside every spam rule in the other scripts. One example use for this white listing technique is to ensure that all locally-hosted domains are identified as Trusted Senders.

You define the white list as follows:

• In the MailSite Console, double click the Sieve Filter icon in the Server Security Folder, select the Server Server Receive Script and click the Edit button.
• Click the Advanced Button and paste the following below the 'require' declaration line at the top of the script, (edit as required):

• Then beside each rule in your Sieve scripts that makes use of the spam score, you need to add an additional test to check for the presence of the X-Whitelist header. So for example if you had a rule in a script that looks like this:

• Then you would modify it to look like this:

• This will now only take action based on the spam score if the X-Whitelist header is absent or is empty.

Example 2: Do not apply the Spam Trap Rule to messages from trusted senders

The Spam Trap Rule is a Mailbox Delivery Script that is applied to all mailboxes hosted on that server. The Spam Trap Rule specifies that all messages with a certain spam score (the default is "Greater Than or Equal to 8") will be "quarantined" - delivered to end users' Junk Mail folders.

This example exempts messages from trusted senders from being captured by the Spam Trap Rule.

1. In the MailSite Console, double click the Sieve Filter icon in the Server Security Folder, select Mailbox Delivery Script and click the Edit button
2. Select and click the modify button to edit the Spam Trap rule
3. Click Next to go to the Modify Condition page of the Rule Wizard
4. Click "Add..." and enter a "If From does not contain joe@example.com" criterion (customize the address for your own white list settings) and click OK
5. Repeat step 4 as necessary to add to your white list as required
6. Click "Finish"

Note that in step 4 you can check the regular expression box and say .*@example.com to white list entire domains.

The rule will then look like this:

/*
RuleName: Spam Trap
RuleDescription: File all messages that are spam into a "Junk Mail" folder.
*/
if allof (
spamtest :value "ge" :comparator "i;ascii-numeric" "6",
not header :contains "From" "*@example.com"
) {
fileinto "Junk Mail";
stop;
}

Example 3: Setting up a personal "white list" using MailSite Express

End Users have the ability to create and manage their own Mailbox Filters in MailSite Express. This includes the ability to create personal lists of trusted senders - a personal "white list". This is how to do it:

• Log into MailSite Express, click on Options, click on Filters, click on "Add New Filter"
• Enter Filter Name, for example "Whitelist filter"
• Enter Filter Description, for example "Whitelist mail from these senders"
• Select "Filter messages where any of the following rules apply"
• Enter the address or domain name of the trusted sender in the blank field
• Select Action: Move to Inbox
• Click "Update filter"
• Repeat as necessary by adding a new Rule for each address or domain

Important: The above Sieve scripts are intended as examples only. Rockliffe does not provide technical support for specific Sieve scripts and strongly recommends that you test all Sieve scripts before implementing on your production server. Rockliffe can accept no liability for any direct or indirect consequences that arise from the above suggestions.

• 10296:What is the order of execution of Sieve Filters?
  
• 10303:Default anti spam scripts in MailSite
  
• 10268:Basic Spam Filtering
  
• 10383:Whitelisting and Blacklisting