From bf413daf8a1a1fb38cbe3bde214f3c7b7e2d5f43 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Wed, 16 Sep 2015 16:25:14 +0100
Subject: [PATCH] Add whitelist configuration.

---
 conf/dmarc_whitelist.inc      |  85 ++++++++++
 conf/modules.d/whitelist.conf |  31 ++++
 conf/spf_dkim_whitelist.inc   | 292 ++++++++++++++++++++++++++++++++++
 3 files changed, 408 insertions(+)
 create mode 100644 conf/dmarc_whitelist.inc
 create mode 100644 conf/modules.d/whitelist.conf
 create mode 100644 conf/spf_dkim_whitelist.inc

diff --git a/conf/dmarc_whitelist.inc b/conf/dmarc_whitelist.inc
new file mode 100644
index 000000000..496610b6e
--- /dev/null
+++ b/conf/dmarc_whitelist.inc
@@ -0,0 +1,85 @@
+# Domains with valid DMARC and DKIM
+# These domains come from some top visited sites that have restrictive dmarc policy
+
+4chan.org
+adp.com
+airbnb.com
+airtel.in
+americanexpress.com
+aol.com
+avg.com
+battle.net
+booking.com
+box.com
+chase.com
+evernote.com
+facebook.com
+fedex.com
+force.com
+google.ae
+google.at
+google.az
+google.be
+google.ca
+google.ch
+google.cn
+google.co.il
+google.co.in
+google.co.jp
+google.co.kr
+google.co.nz
+google.co.uk
+google.co.za
+google.com
+google.com.ar
+google.com.au
+google.com.br
+google.com.hk
+google.com.mx
+google.com.my
+google.com.pe
+google.com.ph
+google.com.pk
+google.com.tr
+google.com.ua
+google.com.vn
+google.de
+google.dk
+google.es
+google.fi
+google.fr
+google.gr
+google.hu
+google.ie
+google.it
+google.nl
+google.pl
+google.pt
+google.ro
+google.ru
+google.se
+google.sk
+instagram.com
+linkedin.com
+mackeeper.com
+mercadolibre.com.ar
+mercadolivre.com.br
+messenger.com
+neobux.com
+netflix.com
+newegg.com
+paypal.com
+pch.com
+pinterest.com
+squarespace.com
+t.co
+twitter.com
+ups.com
+usps.com
+verizonwireless.com
+vk.com
+vk.me
+whatsapp.com
+yahoo.com
+zendesk.com
+zomato.com
\ No newline at end of file
diff --git a/conf/modules.d/whitelist.conf b/conf/modules.d/whitelist.conf
new file mode 100644
index 000000000..191960e85
--- /dev/null
+++ b/conf/modules.d/whitelist.conf
@@ -0,0 +1,31 @@
+whitelist {
+    .include(try=true,priority=1) "${DBDIR}/dynamic/whitelist.conf"
+    rules {
+        "WHITELIST_SPF" = {
+            valid_spf = true;
+            domains = "${CONFDIR}/spf_whitelist.inc";
+            score = -1.0
+            description = "Mail comes from the whitelisted domain and has a valid SPF policy";
+        }
+
+        "WHITELIST_DKIM" = {
+            valid_dkim = true;
+            domains = "${CONFDIR}/dkim_whitelist.inc";
+            description = "Mail comes from the whitelisted domain and has a valid DKIM signature";
+        }
+        "WHITELIST_SPF_DKIM" = {
+            valid_spf = true;
+            valid_dkim = true;
+            domains = "${CONFDIR}/spf_dkim_whitelist.inc";
+            score = -6.0;
+            description = "Mail comes from the whitelisted domain and has valid SPF and DKIM policies";
+        }
+        "WHITELIST_DMARC" = {
+            valid_dkim = true;
+            valid_dmarc = true;
+            domains = "${CONFDIR}/dmarc_whitelist.inc";
+            score = -7.0;
+            description = "Mail comes from the whitelisted domain and has valid DMARC and DKIM policies";
+        }
+    }
+}
\ No newline at end of file
diff --git a/conf/spf_dkim_whitelist.inc b/conf/spf_dkim_whitelist.inc
new file mode 100644
index 000000000..271f33dc4
--- /dev/null
+++ b/conf/spf_dkim_whitelist.inc
@@ -0,0 +1,292 @@
+# Domains with valid SPF and DKIM
+
+4chan.org
+6pm.com
+about.com
+addthis.com
+adf.ly
+adobe.com
+adp.com
+adschemist.com
+airbnb.com
+airtel.in
+alibaba.com
+aliexpress.com
+alipay.com
+allrecipes.com
+amazon.ca
+amazon.cn
+amazon.co.jp
+amazon.co.uk
+amazon.com
+amazon.de
+amazon.es
+amazon.fr
+amazon.in
+amazon.it
+amazon.ru
+americanexpress.com
+ancestry.com
+android.com
+apple.com
+asana.com
+att.com
+autohome.com.cn
+avg.com
+aweber.com
+badoo.com
+bankofamerica.com
+basecamp.com
+battle.net
+bet365.com
+biglobe.ne.jp
+bitly.com
+bleacherreport.com
+blogger.com
+blogspot.co.id
+blogspot.com
+blogspot.de
+blogspot.in
+blogspot.jp
+blogspot.mx
+blogspot.ru
+bloomberg.com
+booking.com
+box.com
+bt.com
+capitalone.com
+cdiscount.com
+change.org
+chase.com
+cisco.com
+citi.com
+constantcontact.com
+costco.com
+craigslist.org
+custhelp.com
+dell.com
+delta.com
+diply.com
+discovercard.com
+disqus.com
+dropbox.com
+ebay.ca
+ebay.co.uk
+ebay.com
+ebay.com.au
+ebay.de
+ebay.fr
+ebay.in
+ebay.it
+ebay.ru
+etsy.com
+evernote.com
+expedia.com
+facebook.com
+fedex.com
+fidelity.com
+fishki.net
+flickr.com
+flirchi.com
+force.com
+freepik.com
+gap.com
+gawker.com
+github.com
+gizmodo.com
+godaddy.com
+goo.gl
+google.ae
+google.at
+google.az
+google.be
+google.bg
+google.ca
+google.ch
+google.cl
+google.cn
+google.co.id
+google.co.il
+google.co.in
+google.co.jp
+google.co.kr
+google.co.nz
+google.co.th
+google.co.uk
+google.co.ve
+google.co.za
+google.com
+google.com.ar
+google.com.au
+google.com.bd
+google.com.br
+google.com.co
+google.com.eg
+google.com.hk
+google.com.kw
+google.com.mx
+google.com.my
+google.com.ng
+google.com.pe
+google.com.ph
+google.com.pk
+google.com.sa
+google.com.sg
+google.com.tr
+google.com.tw
+google.com.ua
+google.com.vn
+google.cz
+google.de
+google.dk
+google.dz
+google.es
+google.fi
+google.fr
+google.gr
+google.hu
+google.ie
+google.it
+google.lk
+google.nl
+google.no
+google.pl
+google.pt
+google.ro
+google.rs
+google.ru
+google.se
+google.sk
+googleadservices.com
+googleusercontent.com
+groupon.com
+hdfcbank.com
+hgtv.com
+hh.ru
+hm.com
+houzz.com
+hubspot.com
+icicibank.com
+icloud.com
+ign.com
+imgur.com
+immobilienscout24.de
+indeed.com
+indiatimes.com
+infusionsoft.com
+instagram.com
+irctc.co.in
+kayak.com
+kickstarter.com
+kijiji.ca
+kotaku.com
+libero.it
+lifehacker.com
+likes.com
+linkedin.com
+list-manage.com
+mackeeper.com
+mailchimp.com
+mashable.com
+match.com
+mercadolibre.com.ar
+mercadolivre.com.br
+messenger.com
+microsoft.com
+microsoftonline.com
+neobux.com
+netflix.com
+newegg.com
+nhk.or.jp
+nifty.com
+nikkeibp.co.jp
+nyaa.se
+nytimes.com
+olx.ua
+overstock.com
+pandora.com
+paypal.com
+paypal.ca
+paypal.cn
+paypal.co.jp
+paypal.co.uk
+paypal.com
+paypal.de
+paypal.es
+paypal.fr
+paypal.in
+paypal.it
+paypal.ru
+paytm.com
+pch.com
+pinterest.com
+porn.com
+priceline.com
+qq.com
+quora.com
+rakuten.co.jp
+reddit.com
+researchgate.net
+salesforce.com
+sciencedirect.com
+shopify.com
+slack.com
+slideshare.net
+so-net.ne.jp
+southwest.com
+spotify.com
+squarespace.com
+stumbleupon.com
+surveymonkey.com
+swagbucks.com
+t.co
+taboola.com
+taleo.net
+taobao.com
+target.com
+taringa.net
+thekitchn.com
+tokopedia.com
+trello.com
+tribunnews.com
+trulia.com
+tumblr.com
+twitter.com
+ultimate-guitar.com
+ups.com
+usaa.com
+usbank.com
+usps.com
+verizon.com
+verizonwireless.com
+vimeo.com
+vine.co
+vk.com
+vk.me
+walmart.com
+wav.tv
+wellsfargo.com
+whatsapp.com
+wikia.com
+wikimedia.org
+wikipedia.org
+wix.com
+wordpress.com
+wordpress.org
+wp.com
+xuite.net
+xvideos.com
+yahoo.com
+yelp.com
+youtube.com
+ytimg.com
+yts.to
+zappos.com
+zendesk.com
+zippyshare.com
+zomato.com
+zulily.com
+
+odnoklassniki.ru
+moikrug.ru
+ok.ru
\ No newline at end of file
-- 
2.39.5