B10[mg]

At work, spam is a real problem (at home too, by the way). So I've installed some tight regulations, using multiple RBLs and other nice spam filtering goodies. The problem with this is, of course, the false positives these spam filters get; mail that we'd really like to see.

Postfix offers you to keep a whitelist through the check_sender_access option, but I'm really too lazy to type in all addresses I use, and to keep doing that in the future. So I wrote a little bash hack that will scan the maillog every 10 minutes (thanks, cron!) and grabs the none-local, delivered mail addresses. These addresses get dumped (with time stamp for reference) in a whitelist file, and get postmapped

#!/usr/local/bin/bash

DATE_INS=0
DATE=`date`

for LINE in `sed -ne 's/^.*to=<\([^>]*\)>,
relay=[^(local)].*status=sent.*$/\1/p' /var/log/maillog | sort -u`
do
   if grep -q $LINE /etc/postfix/whitelist
   then
      continue
   fi

   if grep -q $LINE /etc/postfix/autowhitelist
   then
      continue
   fi

   if [ $DATE_INS -lt 1 ]
   then
      echo "### $DATE" >> /etc/postfix/autowhitelist
      DATE_INS=1
   fi

   printf "%-77s OK\n" $LINE >> /etc/postfix/autowhitelist
done
/usr/local/sbin/postmap /etc/postfix/autowhitelist

This post is listed in the Linux category. I use FreeBSD on my servers, but I have no doubt this will work on Linux too ;)