In sf_mfilter_local.txt add this and populate as desired.... (this
will have modest results initially but will work better with new
builds that will pay more attention to the whitelisting score)
# Rules for trusted domains based on SPF, we check the address in
the 'spf' header is the domain we trust... (since from may be
if (isin("Received-SPF","res=PASS")) then
# Rules for trusted domains based on DKIM (preferred), there is no
need to add these ones to the spf rules above too, only use spf if
no dkim header...
if (isin("Authentication-Results","dkim=pass")) then
if (rexp(from,HIDDEN@es\.audible\.com\.au$")) then
# If source is verified by spf or dkim, and domain is enherrently
trustworthy, then zero out the spam score...
if (evalflags("_TRUSTDOM")) then
On 21/04/2016 2:21 a.m., Steven wrote:
What is the best practice for example if you wanted to make
sure certain legit domains are never sent challenge emails?
Example: Utilities sending bills or statements,
Amazon/Online senders sending delivery updates, or other
The goal is for them to get through BUT you still want to
make sure SPF checks are complete. In other words I'd like to
globally whitelist a domain but only from the legitimate
source. We won't want them to get quarantined or challenged
Thanks in advance for any advice.