RE: [SAtalk] whitelist problems

> I have messages I am desperatly trying to whitelist from SA. > I am using SpamAssassin on a Solaris 8 server using sendmail > 8.12.10 and MIMEDefang. > > I have tried various lines in > /etc/mail/spamassassin/sa-mimedefang.cf to no avail: > >whitelist_from [EMAIL PROTECTED] >whitelis

Re: [SAtalk] whitelist problems

I think this is a bug in the latest release of SA, I just reported it an hour ago. Theo is checking it out for me, we might see a new version released soon! Frederic Tarasevicius Internet Information Services, Inc. Charles Gagnon wrote: > I have messages I am desperatly trying to whitelist fro

Re: [SAtalk] whitelist problems

On Wed, Jan 28, 2004 at 01:24:09PM -0500, Colin A. Bartlett wrote: [...] > Just to point out the obvious, did you restart spamd or mimedefang > after adding the lines to your CF file? Yeah. I have restarted sendmail and MIMEDefang after every config attempt but it didn't work. > BTW, in my experi

RE: [SAtalk] whitelist problems

This is a top post. Sue me. Just to point out the obvious, did you restart spamd or mimedefang after adding the lines to your CF file? BTW, in my experience, 2 points is way to low to be considered spam. But YMMV of course. cheers, Colin Colin A. Bartlett Kinetic Web Solutions www.kineticweb.b

Re: [SAtalk] whitelist by ip and logging issues

Matt Kettler wrote: 99% of the time you're much better off implementing a whitelist in whatever layer you are using to call SA in the first place (ie: procmail them around sa instead of through it).. In my setup the SA is called from postfix (-o content_filter in master.cf). The box does not ha

Re: [SAtalk] whitelist by ip and logging issues

Bob Apthorpe wrote: What about the trusted_networks parameter? From perldoc Mail::SpamAssassin::Conf: DNS blacklist checks will never query for hosts on these networks. Exactly as stated, these (dnsbl) are the only tests that are not performed for trusted networks. danb

Re: [SAtalk] whitelist by ip and logging issues

Hi, On Tue, 13 Jan 2004, Matt Kettler wrote: > At 03:31 AM 1/13/2004, DanB wrote: > >Just installed spamassassin 2.60 - there are two things I haven't > >figured yet: > > > >- can I whitelist somebody by the ip of the mta that gives me that > >mail? > > Within SA, no What about the trusted_n

Re: [SAtalk] whitelist by ip and logging issues

At 03:31 AM 1/13/2004, DanB wrote: Just installed spamassassin 2.60 - there are two things I haven't figured yet: - can I whitelist somebody by the ip of the mta that gives me that mail? Within SA, no Also, you should realize that SA's built in whitelist (ie: whitelist_from) doesn't prevent

RE: [SAtalk] whitelist question

ent: Monday, December 29, 2003 5:39 AM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Re: [SAtalk] whitelist question > > At 02:08 PM 12/28/03 -0800, S. M. C. Butler wrote: > >whitelist_from [EMAIL PROTECTED], [EMAIL PROTECTED], root, > >Super-User > > &g

Re: [SAtalk] whitelist question

At 02:08 PM 12/28/03 -0800, S. M. C. Butler wrote: whitelist_from [EMAIL PROTECTED], [EMAIL PROTECTED], root, Super-User but unix system messages like the one below still get trapped as spam. I thought that the whitelist_from took precedence over everything else, am I missing something? Appreciate

RE: [SAtalk] Whitelist

Simplest way is to use the basic whitelist_from in your local.cf file   # Whitelist and blacklist addresses are now file-glob-style patterns, so # "[EMAIL PROTECTED]", "[EMAIL PROTECTED]", or "*.domain.net" will all work.   So if I wanted to whitelist anyone with an @sourceforge.net ad

Re: [SAtalk] WhiteList problem

On Wed, 2003-11-12 at 13:39, Matt Kettler wrote: > At 12:13 PM 11/12/2003, Kiryl Hakhovich , [EMAIL PROTECTED] wrote: > >am I missing something here? > > > >here is a headers for email that should be going through: > > > >--- > > > >Received: from > >mail-gateway.exchan

Re: [SAtalk] WhiteList problem

At 12:13 PM 11/12/2003, Kiryl Hakhovich , [EMAIL PROTECTED] wrote: am I missing something here? here is a headers for email that should be going through: --- Received: from mail-gateway.exchange.goodwillny.org ([10.0.1.27]) by winxchnge2-2kab.exchange.goodwillny.org

Re: [SAtalk] whitelist question

Jack Coates wrote: just got a spam that SA 2.55 not only didn't catch, but specifically let through because of whitelisting. I don't have a manual whitelist that matches this message, but I do have auto-whitelist turned on. Is there a way to parse the auto whitelist files and see what's in them? I'

Re: [SAtalk] Whitelist not working?

On Sun, 2 Nov 2003, Ron Johnson wrote: > Hi, > > SA 2.60 > Postfix 2.0.16 [snip..] > So, I added whitelist entries to /etc/spamassassin/local.cf for all > the machines in my home lan, and restarted spamassassin. > def_whitelist_from_rcvd [EMAIL PROTECTED]haggis > def_whitelist_from_rc

Re: [SAtalk] Whitelist / Rule Question...

At Sat Oct 25 03:18:30 2003, Larry Gilson wrote: > > I get username in the body also. While trying to personalize a message the > spammer uses an alias/username for an introduction. An example would be a > person with an address of [EMAIL PROTECTED] > > #--- Begin Example ---# > Hello Dude, Th

RE: [SAtalk] Whitelist / Rule Question...

> -Original Message- > From: Matt Kettler > Sent: Friday, October 24, 2003 6:32 PM > To: [EMAIL PROTECTED]; > [EMAIL PROTECTED] > Subject: Re: [SAtalk] Whitelist / Rule Question... > > > At 01:34 PM 10/24/2003, Dan Tappin wrote: > >rawbody USERNAME

Re: [SAtalk] Whitelist / Rule Question...

At 01:34 PM 10/24/2003, Dan Tappin wrote: rawbody USERNAME /username/i describe USERNAME score USERNAME -100.0 ... where the person sending e-mail is [EMAIL PROTECTED] Um... does "username" appear in the body part of the message? Note that "rawbody" does not include the headers. You probably want

Re: [SAtalk] Whitelist?

At 09:55 PM 10/12/2003, Robert Nicholson wrote: Q. With the SA whitelist, will mail that contains addresses that are on the whitelist ever be checked for spam? Yes. The SA whitelist only performs a score-biasing method, but the messages are still checked. This applies to both the conventional, an

RE: [SAtalk] whitelist not working...

I have not been able to resolve this one. I am still getting these messages identified as spam. spamc results in the same score from the logs and does not show the whitelist effecting the score at all. spamassassin --lint does not show any error messages and other wise SA is identifing tons of o

RE: [SAtalk] Whitelist Issue

the link - I will check it out. Dan > -Original Message- > From: Matt Kettler [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 02, 2003 9:43 AM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: RE: [SAtalk] Whitelist Issue > > > > No, . is the wildcard ch

RE: [SAtalk] Whitelist Issue

At 09:09 AM 10/2/03 -0600, Dan Tappin wrote: So if I wanted multiple ISP's in the same rule can I do an OR operator or can I just create multiple header rules with the same lable? All rules must have different names.. if two rules have the same name, the first is over-written. There is a regex O

RE: [SAtalk] Whitelist Issue

tt > Kettler > Sent: Wednesday, October 01, 2003 9:31 PM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: RE: [SAtalk] Whitelist Issue > > > At 09:26 AM 10/1/03 -0600, Dan Tappin wrote: > >How would I whitelist a machine? > > AFAIK there's no normal whitelist s

RE: [SAtalk] Whitelist Issue

At 09:26 AM 10/1/03 -0600, Dan Tappin wrote: How would I whitelist a machine? AFAIK there's no normal whitelist support for that, but you could get that effect with a custom header rule. For example: header LOCAL_RCVD_PRIV_TELUSPLANET Received =~ /priv-.{0,20}\.telusplanet\.net/i score LO

RE: [SAtalk] Whitelist Issue

round. Dan > -Original Message- > From: Matt Kettler [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 01, 2003 9:09 AM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Re: [SAtalk] Whitelist Issue > > > At 08:45 AM 10/1/03 -0600, Dan Tappin wrote: > >

Re: [SAtalk] Whitelist Issue

At 08:45 AM 10/1/03 -0600, Dan Tappin wrote: whitelist_from [EMAIL PROTECTED] whitelist_from_rcvd *.tsn.ca tsn.ca whitelist_from [EMAIL PROTECTED] whitelist_from_rcvd *.theglobeandmail.comtheglobeandmail.com Am I missing something obvious here? Well that

RE: [SAtalk] WhiteList

olten > Sent: Wednesday, September 17, 2003 7:48 AM > Cc: [EMAIL PROTECTED] > Subject: Re: [SAtalk] WhiteList > > > put the following line into your local.cf -file > > whitelist_from [EMAIL PROTECTED] > > or > whitelist_from [EMAIL PROTECTED] > > >

RE: [SAtalk] WhiteList

Let me be the first to say it. Read the docs or the FAQ or the list archives. Now to answer your question: local.cf > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of O-Zone > Sent: Wednesday, September 17, 2003 11:15 AM > To: [EMAIL PROTECTED] > Su

RE: [SAtalk] WhiteList

Can you whitelist a IP subnet using the same format? Dan > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of > Cornelius Bolten > Sent: Wednesday, September 17, 2003 7:48 AM > Cc: [EMAIL PROTECTED] > Subject: Re: [SAtalk] Whit

Re: [SAtalk] WhiteList

I wrote a short shell script that does the trick for me. It assumes that there is a file, local.cf.top that has all the config info from the normal local.cf file, everything except the white or blacklist info, and a file local.cf.names that contains all the whitelist and blacklist lines. Run w

Re: [SAtalk] WhiteList

On Wed, 17 Sep 2003 15:15:25 + O-Zone <[EMAIL PROTECTED]> wrote: > Hi all, > i need to add an address to spamassassin whitelist. Where ? > Just add a line like whitlist_from [EMAIL PROTECTED] to the file local.cf in mails homefolder -- Regards, Jens Strohschnitter

Re: [SAtalk] WhiteList

put the following line into your local.cf -file whitelist_from [EMAIL PROTECTED] or whitelist_from [EMAIL PROTECTED] - Original Message - From: "O-Zone" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 17, 2003 5:15 PM Subject: [SAtalk] WhiteList

RE: [SAtalk] Whitelist by IP?

> Having a problem with some users on our local network writing > emails that get marked as spam. I dont want to whitelist by > domain as this is easy to forge is there a way to whitelist > by IP (and mask) that the mail was recieved from, being these > users are all local on rfc1918 network s

Re: [SAtalk] WHITELIST QUESTION

At 01:12 PM 7/30/2003 -0600, Alan Fullmer wrote: I have a question for someone. What does Whitelist_from actually look at? all headers? or a single one? Is there a way to whitelist this line: From: "Alan Fullmer" <[EMAIL PROTECTED]> any ideas? thanks in advance. w

Re: [SAtalk] WHITELIST QUESTION

On Wed, 30 Jul 2003, Alan Fullmer wrote: > I have a question for someone. > > What does Whitelist_from actually look at? all headers? or a single one? > > Is there a way to whitelist this line: From: "Alan Fullmer" > <[EMAIL PROTECTED]> Here is how I would do it: whitelist_from [EMAIL PROTEC

Re: [SAtalk] whitelist not working?!?

On Tue, 29 Jul 2003, Bonny wrote: > Hello all! > > In my ./spamassassin/user_prefs I put: > > whitelist_from@tuttinudi.com Try: whitelist_from [EMAIL PROTECTED] Later-- Tim -- Timothy J. Schutte | AIM: TimSchutte | ICQ: 57061028 [EMAIL PROTECTED] | Yahoo: kc8hr| http:/

Re: [SAtalk] whitelist not working?!?

At 07:41 PM 7/29/2003 +0200, Bonny wrote: Hello all! In my ./spamassassin/user_prefs I put: whitelist_from @tuttinudi.com BUT e-mails coming in from that domain (I mainly get it from ONE address, which is a mailing list) are still caught as SPAM! What can I do? I already did "sa-learn" on the

RE: [SAtalk] Whitelist ignored for auto-learn?

> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of David B Funk > Sent: Wednesday, July 23, 2003 11:48 AM > To: Joe Julian > Cc: [EMAIL PROTECTED] > Subject: Re: [SAtalk] Whitelist ignored for auto-learn? > > > On Wed,

Re: [SAtalk] Whitelist ignored for auto-learn?

On Wed, 23 Jul 2003, Joe Julian wrote: > I have a list of specific trusted addresses in my whitelist, but it > still won't autolearn from them. Why not? Their scores are quite > negative, way below -2, but it still won't autolearn from them. It looks > like it's ignoring the whitelist when checkin

Re: [SAtalk] Whitelist Problem

At 01:46 AM 7/16/03 -0400, Gorm Jensen wrote: I run spamassassin 2.55 on a Redhat 7.2 system The attached email is spam, but it was not filtered because of the "USER_IN_WHITELIST" assessment. I studied my whitelist, and neither the originator nor strings containing the originator are listed, so I

Re: [SAtalk] Whitelist Problem

Close. I whitelisted myself, and the spam's "Return-Path" points to me. Thanks, Bob. > Even without seeing the missing attachment, I'm guessing the message > matched something in the default whitelists in > /usr/share/spamassassin/60_whitelist.cf > > Amazon? > > -- Bob ---

Re: [SAtalk] Whitelist Problem

Hi, On Wed, 16 Jul 2003 01:46:17 -0400 "Gorm Jensen" <[EMAIL PROTECTED]> wrote: > I run spamassassin 2.55 on a Redhat 7.2 system > > The attached email is spam, but it was not filtered because of the > "USER_IN_WHITELIST" assessment. I studied my whitelist, and neither > the originator nor stri

Mystery Solved! [Was: Re: [SAtalk] Whitelist not whitelisting?}

--- Larry Rosenman <[EMAIL PROTECTED]> wrote: > > > --On Tuesday, June 24, 2003 10:42:31 -0400 Theo Van > Dinter > <[EMAIL PROTECTED]> wrote: > > > On Tue, Jun 24, 2003 at 07:26:42AM -0700, James > Nonya wrote: > >> Yet the email is still processed. Anything I'm > >> missing here? > > > > Whi

Re: [SAtalk] Whitelist not whitelisting?

--On Tuesday, June 24, 2003 10:42:31 -0400 Theo Van Dinter <[EMAIL PROTECTED]> wrote: On Tue, Jun 24, 2003 at 07:26:42AM -0700, James Nonya wrote: Yet the email is still processed. Anything I'm missing here? Whitelists don't make the message not get processed. They just add a score (negative

Re: [SAtalk] Whitelist not whitelisting?

On Tue, Jun 24, 2003 at 07:26:42AM -0700, James Nonya wrote: > Yet the email is still processed. Anything I'm > missing here? Whitelists don't make the message not get processed. They just add a score (negative in this case). Same as blacklists. The only way to not filter for a set of users is

Re: [SAtalk] whitelist question:

I finally found http://spamassassin.org/doc/Mail_SpamAssassin_Conf.html. which covers this. Using whitelist_from will bypass checking based on the from address. To bypass based on the sending server(and from address) use whitelist_from_rcvd. To bypass tests for all mail from your use whitelist

Re: [SAtalk] Whitelist using LDAP server

John Lederer wrote: > I am extremely interested. > > We use Rolodap, an LDAP contacts directory . Automatically whielisting > email from anyone in tht would let us lower the threshold for spam > generally. > > If you can post your code somewhere where I could link to it, I would > make sure that

Re: [SAtalk] Whitelist using LDAP server

Simon Byrnand wrote: Huh ? Of course Sendmail can refuse mail for non-existant user accounts. :) This happens automatically for the "primary" domain name the server is configured with, but if you're doing multiple virtual domains using the virtusertable file then you need a wildcard entry per d

Re: [SAtalk] Whitelist using LDAP server

At 11:30 15/06/03 +0200, Tony Earnshaw wrote: >Ah. Does this make any difference to putting your MTA in a proxy-forwarding DMZ? Don't know what provision >Sendmail has for defeating dictionary attacks and suchlike, but both Postfix 2.0 and Exim 4.20 can completely >defeat them, so using Fetchmai

Re: [SAtalk] Whitelist using LDAP server

On Sun, Jun 15, 2003 at 05:44:40PM +0200, Tony Earnshaw wrote: > I'll do a trade with you ("swap you this for that"). You tell me how > you'd whitelist a given ldap alias list with Sendmail, and I'll tell you > how I'd do it with SA-Exim 4.20/3.0 and with Postfix 2.0.12 (dunno yet, > cos I never

Re: [SAtalk] Whitelist using LDAP server

David Luyer wrote: Of course it can. sendmail can do anything. Never believe anyone who tells you there's something sendmail can't do. Well, well, well. It does it by default if it's the final delivery host, Good. So now I know that. I don't know Sendmail at all, but as I said, both SA-Exim 4.

RE: [SAtalk] Whitelist using LDAP server

> Also, both can be configured to refuse mail for non-existent user > accounts. Which I don't believe Sendmail can. Of course it can. sendmail can do anything. Never believe anyone who tells you there's something sendmail can't do. It does it by default if it's the final delivery host, if it's

Re: [SAtalk] whitelist file?

dGenus Mailing List wrote: /etc/mail/spamassassin/whitelist_from.cf What is teh format of this file... one entry per line??? It's exactly the same as you'd stuff into your user_prefs or local.cf file. In fact, it's simply an extension of both the latter. The only point of having it at all, is to

Re: [SAtalk] Whitelist using LDAP server

Colin Dean wrote: Sorry, in trying to be brief in my original posting, I probably wasn't clear enough. All you had to do is to explain "why." Before using SA, we'd set up a regular cron job to send the relevant data from MySQL into an OpenLDAP directory so that we could then use this easily as a

Re: [SAtalk] whitelist file?

Jim Ford wrote: I think it's what's known as a "badly kept secret." Unless you count the many and frequent postings on this list, pointing it out. Should be in a FAQ somewhere (and is, perhaps :), it isn't in 'man spamd', 'man Mail::SpamAssassin::Conf',though. It's probably in the code in the P

Re: [SAtalk] whitelist file?

Tony Earnshaw wrote: /etc/mail/spamassassin/whitelist_from.cf What is teh format of this file... one entry per line??? --- This SF.NET email is sponsored by: eBay Great deals on office technology -- on eBay now! Click here: http://adfarm.media

Re: [SAtalk] Whitelist using LDAP server

I am extremely interested. We use Rolodap, an LDAP contacts directory . Automatically whielisting email from anyone in tht would let us lower the threshold for spam generally. If you can post your code somewhere where I could link to it, I would make sure that Rolodap users generally knew of

Re: [SAtalk] Whitelist using LDAP server

Tony Earnshaw wrote: I suppose it might be of interest to others if you told the list what users your ldap director[y|ies] contain(s). As well as your policy. Like I don't want mail from my local users (100% Openldap 2.1.19 based) scanned, so both with my Postfix 2.0.x and SA-Exim 4.20/3.0 MTAs

Re: [SAtalk] whitelist file?

On Sat, Jun 14, 2003 at 10:07:55AM +0200, Tony Earnshaw wrote: > I think it's what's known as a "badly kept secret." Unless you count the > many and frequent postings on this list, pointing it out. Should be in a > FAQ somewhere (and is, perhaps :), it isn't in 'man spamd', 'man > Mail::SpamAss

Re: [SAtalk] Whitelist using LDAP server

Colin Dean wrote: Using SpamAssassin, I want to whitelist every email address in the LDAP directory address book our mail clients (Mozilla and Netscape) use, without having a separate "whitelist_from" hard-wired into the SpamAssassin config file. So I've hacked some changes to SpamAssassin 2.55 so

Re: [SAtalk] whitelist file?

Thomas Cameron wrote: In as much as any .cf file in that directory will be read in whenever whatever it is (spamd, amavisd-new etc) starts up. Given read rights, etc. Where is that documented? I am having a hard time finding things like that... I think it's what's known as a "badly kept secre

Re: [SAtalk] whitelist file?

On Fri, 2003-06-13 at 18:00, Tony Earnshaw wrote: > Jonathan Nichols wrote: > > > Is there a way to have a "whitelist_from" file instead of individual > > entries in local.cf? > > /etc/mail/spamassassin/whitelist_from.cf > > In as much as any .cf file in that directory will be read in whenever

Re: [SAtalk] whitelist file?

Jonathan Nichols wrote: Is there a way to have a "whitelist_from" file instead of individual entries in local.cf? /etc/mail/spamassassin/whitelist_from.cf In as much as any .cf file in that directory will be read in whenever whatever it is (spamd, amavisd-new etc) starts up. Given read rights,

RE: [SAtalk] whitelist: help please ;'o(

This may not be quite on the mark, but is something I've been looking at, so will pass it along. There's a utility called 'fam', which has been contributed to the open source community by SGI. Fam monitors files for changes, and notifies clients when those files have been chaged: http://oss.sgi.co

Re: [SAtalk] Whitelist not working as expected.

mAssassin listserve <[EMAIL PROTECTED]> Subject: RE: [SAtalk] whitelist > > I don't suppose someone out there could tell me how to tell procmail to > simply accept the message and stop processing? > Generally, just deliver it to $DEFAULT. Something like this (toward

Re: [SAtalk] Whitelist not working as expected.

On Sat, May 31, 2003 at 01:34:53PM +0100, Jim Ford wrote: > What, using procmail to send the trusted mail straight to the mailbox, > bypassing SA? (Procmail - another program I'll have to get to grips with!) If you're using procmail, yes. Basically you need to put the logic of "do I want to filte

Re: [SAtalk] Whitelist not working as expected.

On Sat, May 31, 2003 at 11:06:41AM +0100, Jim Ford wrote: > However, I still see SA checking info in the headers of the whitelisted mails. > Is this normal, please? Yes. A white/black-list does not stop SA from running over a message. They simply add a certain value (positive or negative) to the

Re: [SAtalk] Whitelist not working as expected.

On Sat, May 31, 2003 at 08:10:15AM -0400, Theo Van Dinter wrote: > The only way to not have SA check a message is to not call SA under > certain conditions. What, using procmail to send the trusted mail straight to the mailbox, bypassing SA? (Procmail - another program I'll have to get to grips w

Re: [SAtalk] Whitelist an expression?

Whitelist_from or whitelist_from_rcvd should do it. It will bounce -100 scores to his messages. the _rcvd version will be somewhat resistant to forgery by checking both from: and received headers. You could also do a custom rule, but that's likely to be overkill. I'd only try it if whitelist_fr

RE: [SAtalk] whitelist

> > I don't suppose someone out there could tell me how to tell procmail to > simply accept the message and stop processing? > Generally, just deliver it to $DEFAULT. Something like this (towards the beginning of your procmailrc): FROM=`formail -rx To: | sed -e 's/^[ ]*//'` REALLY_FROM=`forma

Re: [SAtalk] whitelist

Jack Gostl wrote: On Wed, 28 May 2003, Jack Gostl wrote: On Wed, 28 May 2003, Matt Kettler wrote: The whitelists within spamassassin are rules and as such it simply adds -100 to the message score. The way to get an absolute whitelist that aborts processing is the configure procmail, o

Re: [SAtalk] whitelist

On Wed, 28 May 2003, Jack Gostl wrote: > On Wed, 28 May 2003, Matt Kettler wrote: > > > The whitelists within spamassassin are rules and as such it simply adds > > -100 to the message score. > > > > The way to get an absolute whitelist that aborts processing is the > > configure procmail, or w

Re: [SAtalk] whitelist

On Wed, 28 May 2003, Matt Kettler wrote: > The whitelists within spamassassin are rules and as such it simply adds > -100 to the message score. > > The way to get an absolute whitelist that aborts processing is the > configure procmail, or whatever other tool you use, to not even call SA in >

Re: [SAtalk] whitelist

The whitelists within spamassassin are rules and as such it simply adds -100 to the message score. The way to get an absolute whitelist that aborts processing is the configure procmail, or whatever other tool you use, to not even call SA in the first place. You'll get more performance boost tha

Re: [SAtalk] whitelist exploit

On Wed, 28 May 2003, Matt Kettler wrote: > 3) dialup RBLs should skip the oldest one or two, but I think it already > does this part just fine. Actually we were just talking about this tonight in another thread, "Defining my own rules." It's never really be said for sure but we're under the i

Re: [SAtalk] whitelist exploit

Hmm, then it looks like whitelist_from_rcvd should be using the value of num_check_received. Unless for some reason you over-rode that to a large number... Although, I'd argue that to be truly proper SA needs to use different limits on "num_check_received" for different circumstances. I've mad

Re: [SAtalk] whitelist exploit

I want to confirm the Amazon problem. I'm getting spam from someone with forged Amazon headers, and it's getting a -100.0 tacked on. I don't have a whitelist entry for Amazon.com in my user preferences, and the site installation is stock 2.55. Below is the header. -- Jim Hunziker From [EMAIL

Re: [SAtalk] whitelist with spamassassin ?

The problem here is that Microsoft is too lazy to set up DNS for the server delivering this mail. Until they do so, whitelist_from_rcvd will NOT work. As per the man page, the part of the Received header searched MUST be next to a bracketed IP address to prevent simple HELO spoofing. Received:

Re: [SAtalk] whitelist from not working

First, don't ever edit 60_whitelist.cf if you can avoid it, add your own stuff to local.cf instead. 60_whitelist.cf, and ever other file in /usr/share/spamassassin/ will be obliterated without warning when you upgrade SA. Those files are not intended to be edited for general customization. You

Re: [SAtalk] whitelist entries in local.cf being ignored

Theo Van Dinter says: On Fri, Jan 10, 2003 at 08:41:43PM -0800, M. Brownsworth wrote: > Note that it does report "USER_IN_WHITELIST_TO," but it still doesn't add -100 to keep the score below the 5.0 threshold. Experimenting, I Of course not, the score for USER_IN_WHITELIST_TO is -6. -6?

Re: [SAtalk] whitelist entries in local.cf being ignored

On Fri, Jan 10, 2003 at 08:41:43PM -0800, M. Brownsworth wrote: > Note that it does report "USER_IN_WHITELIST_TO," but it still doesn't > add -100 to keep the score below the 5.0 threshold. Experimenting, I Of course not, the score for USER_IN_WHITELIST_TO is -6. > It added -100 to the score,

Re: [SAtalk] Whitelist

On Wed, Dec 18, 2002 at 09:10:28AM -0200, Ronan Lucio wrote: > Hello All, > > How can I whitelist the messages from this list? I believe # echo "whitelist_to [EMAIL PROTECTED]" >> /path/to/local.cf should do the trick. You can add the 'whitelist' line and test against a message: # spamassassi

Re: [SAtalk] Whitelist Problem

Slava Madrit said: > We are using Spamassassin on win32 along with Guinevere 2 for our > GroupWise 6 system. I have a user who does not want his spam marked by > spamassassin. So I added an entry into the whitelist that says ALL_SPAM_TO= > [EMAIL PROTECTED] so that it will not get marked. It s

Re: [SAtalk] whitelist function - where is it?

Read man Mail::SpamAssassin::Conf You probably want to add a whitelist_from_rcvd or whitelist_from to your /etc/mail/local.cf. At 01:46 PM 11/5/2002 -0500, Vernon Webb wrote: I've been trying to read through the web site in an attempt to remove an email I am receiving from the SPAM list (yes I w

Re: [SAtalk] Whitelist 'include' syntax?

At 01:43 PM 10/10/02 -0700, Karsten M. Self wrote: >I'm curious as to whether or not there's an 'include' syntax which can >be used on Spamassassin rulesets, particularly whitelist rules. Spamassassin seems to read all files in /etc/mail/spamassassin (or whatever your local equivalent is). Simo

RE: [SAtalk] whitelist envelope MAIL FROM

Randy, there's no default option to access envelope information, though you could easily write your own rule. However, using all_spam_to in your user_prefs should accomplish the same thing, unless the mailing was Bcc'ed. Of course, you could also create a rule looking for List-Unsubscribe header

Re: [SAtalk] Whitelist

Thanks for the clarification. On Sun, 14 Jul 2002, Craig R.Hughes wrote: > Whitelist entries can either be on separate lines, as Mike > describes, or you can put multiple address patterns on one line, > separated by whitespace. No quotes nor commas. > > C > > On Sunday, July 14, 2002, at 01

Re: [SAtalk] Whitelist

Whitelist entries can either be on separate lines, as Mike describes, or you can put multiple address patterns on one line, separated by whitespace. No quotes nor commas. C On Sunday, July 14, 2002, at 01:30 AM, Mike Burger wrote: > On Sat, 13 Jul 2002, Chris Ogles wrote: > >> Can someone h

Re: [SAtalk] Whitelist

On Sat, 13 Jul 2002, Chris Ogles wrote: > Can someone help me with whitelisting... > > This is my whitelist that I am trying to get working: > > whitelist_from"*@lists.sourceforge.net", > "*@ummail4.unitedmedia.com", "*@my-etrust.com" > > I have this placed in my user_perfs

Re: [SAtalk] Whitelist

On Saturday 13 July 2002 10:20 pm, Chris Ogles wrote: > Can someone help me with whitelisting... > > whitelist_from"*@lists.sourceforge.net", > "*@ummail4.unitedmedia.com", "*@my-etrust.com" Don't put quotes around the addresses, and don't separate addresses with commas. -- Giv

Re: [SAtalk] whitelist vs. mime_defang

Hi, > shows that whitelist is applied, bumping the score down to change > is as non-spam-status. But it is still getting mangled by > mime_defang to a somewhat-unreadable form (straight HTML code). I am not sure mime-defang option applies to spam only, I think that is a general option that SA ap

Re: [SAtalk] whitelist vs. mime_defang

On Thu, 27 Jun 2002, Kevin G. J. Freels wrote: > The whitelist_to section of the doc: > > whitelist_to [EMAIL PROTECTED] > If the given address appears in the `To:' or `Cc:' > headers, mail will be whitelisted. > > As I read this, it says that the whitelist_from is for exte

Re: [SAtalk] whitelist vs. mime_defang

No, this is mail from outside to a user inside; it's not mail we're sending out. Accordning to the SA Mail_SpamAssassin_Conf.txt docs: whitelist_from [EMAIL PROTECTED] Used to specify addresses which send mail that is often tagged (incorrectly) as spam; The whitelist_to section

Re: [SAtalk] Whitelist servers

[EMAIL PROTECTED] wrote: > Does anyone know a way of whitelisting mail from certain email servers? We > are trying to do this because originally we whitelisted our domain name, now > we are getting spams through with a forged source address from our domain > name. So we were thinking we could whi

Re: [SAtalk] whitelist

Scott Nelson wrote: SN> The RFCs also say that an agent is not allowed to delete email, SN> but that is the entire /purpose/ of spam assassin. SN> RFCs are not inflexible rules which everyone is required to follow, SN> but rather a set of "best practice" guidelines. No, that is not the purpose o

Re: [SAtalk] whitelist

On Mon, 27 May 2002, Lars Hansson wrote: > On Saturday 25 May 2002 04:41, Mark Martinec wrote: > > MUA can pass envelope addresses separately, otherwise MTA must derive > > them by parsing RFC2822 header, and remove Bcc while doing it. > > An MTA never has to parse adresses from the header in an

Re: [SAtalk] whitelist

On Saturday 25 May 2002 04:41, Mark Martinec wrote: > Not necessarily - depends on how MUA passes message to MTA. > MUA can pass envelope addresses separately, otherwise MTA must derive > them by parsing RFC2822 header, and remove Bcc while doing it. > This is covered by: An MTA never has to pars

Re: [SAtalk] whitelist

On Sun, May 26, 2002 at 09:28:19AM -0700, Scott Nelson wrote: | At 09:08 AM 5/26/02 -0500, dman wrote: | >On Sat, May 25, 2002 at 06:53:08PM -0700, Scott Nelson wrote: | >| At 11:01 AM 5/25/02 -0500, dman wrote: | >| > | >| >That sounds bad to me. I clearly recall a section of RFC821 stating | >|

Re: [SAtalk] whitelist

At 09:08 AM 5/26/02 -0500, dman wrote: >On Sat, May 25, 2002 at 06:53:08PM -0700, Scott Nelson wrote: >| At 11:01 AM 5/25/02 -0500, dman wrote: >| > >| >That sounds bad to me. I clearly recall a section of RFC821 stating >| >that an MTA MUST not mangle a message in any way. >| >| Nope, that's co

Re: [SAtalk] whitelist

On Sat, May 25, 2002 at 06:53:08PM -0700, Scott Nelson wrote: | At 11:01 AM 5/25/02 -0500, dman wrote: | > | >That sounds bad to me. I clearly recall a section of RFC821 stating | >that an MTA MUST not mangle a message in any way. | | Nope, that's completely wrong. I went back to the RFC, and i

  1   2   >