Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-20 Thread RW
On Wed, 20 Jun 2012 18:38:49 +0200 Flemming Jacobsen wrote: > RW wrote: > > On Wed, 20 Jun 2012 11:33:49 +0200 Per Jessen wrote: > > > RW wrote: > > > > What I mean is that if I whitelist a private email address, the > > > > chances of a spammer ever sending me a spam spoofing that > > > > address

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-20 Thread Benny Pedersen
On 2012-06-20 18:38, Flemming Jacobsen wrote: Because you use email to send yourself reminder notes or small files. I have addresses on several distinct systems (private, work, google, user group, ...). And I whitelist them because I do not want mail to get lost. with shared imap folders noth

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-20 Thread Flemming Jacobsen
RW wrote: > On Wed, 20 Jun 2012 11:33:49 +0200 Per Jessen wrote: > > RW wrote: > > > What I mean is that if I whitelist a private email address, the > > > chances of a spammer ever sending me a spam spoofing that address is > > > very small. > > > > Happened to me twice only yesterday - somebody s

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-20 Thread Benny Pedersen
On 2012-06-20 14:05, Greg Troxel wrote: That way I could do: whitelist_from -5 f...@yahoo.com AWL plugin basically could be extended to use dkim/spf and more bound to whitelist_* so the awl score is more live calculated, with default awl it's bound to 0.0.x.x/16 but it could be changed to /

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-20 Thread RW
On Wed, 20 Jun 2012 11:22:08 +0200 Per Jessen wrote: > RW wrote: > > Not if someone sends an email through a different mail system, > > I think that is what "whitelist_allows_relays" is intended to take > care of. If it made a difference to the case I was referring to then it would effectivel

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-20 Thread Kevin A. McGrail
On 6/20/2012 8:05 AM, Greg Troxel wrote: I would like to see... As an open source project, we encourage people to submit patches and step up to coding on the project. You can really start small with one line patches and I'll do my best to support you. Regards, KAM

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-20 Thread Greg Troxel
My suggestion was intended to minimize the effect on existing behavior. I agree, it would probably be a very good idea to allow whitelist_from to be scored differently than the other whitelist variants, and to ship it with a smaller default score, but that change is fairly disruptive. I

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-20 Thread RW
On Wed, 20 Jun 2012 11:33:49 +0200 Per Jessen wrote: > RW wrote: > > > On Wed, 20 Jun 2012 03:25:53 +0200 > > Benny Pedersen wrote: > > > >> On 2012-06-20 03:09, RW wrote: > >> > >> > The overwhelming majority of email addresses are never spoofed. > > > >> seen from my mta logs off sender add

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-20 Thread Per Jessen
RW wrote: > On Wed, 20 Jun 2012 03:25:53 +0200 > Benny Pedersen wrote: > >> On 2012-06-20 03:09, RW wrote: >> >> > The overwhelming majority of email addresses are never spoofed. > >> seen from my mta logs off sender addresses that miss the smtp auth >> password here postfix don't agree with yo

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-20 Thread Per Jessen
RW wrote: > On Tue, 19 Jun 2012 19:14:11 -0400 > Jeff Mincy wrote: > >>From: RW >>Date: Tue, 19 Jun 2012 23:43:57 +0100 > >>If used sensibly USER_IN_WHITELIST is probably the most reliable >> rule we have, for the overwhelming majority of addresses it's far >> more accurate than spf

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread Per Jessen
John Hardin wrote: > On Tue, 19 Jun 2012, Benny Pedersen wrote: > >> On 2012-06-19 22:39, Kevin A. McGrail wrote: >> >>> I think that's the concept behind the whitelist_from_spf >> >> but some use whitelist_from, it's nothing new there :=) >> >> can user_in_whitelist be changed to not have -100

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread RW
On Wed, 20 Jun 2012 03:25:53 +0200 Benny Pedersen wrote: > On 2012-06-20 03:09, RW wrote: > > > The overwhelming majority of email addresses are never spoofed. > seen from my mta logs off sender addresses that miss the smtp auth > password here postfix don't agree with you, if sender uses somet

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread Benny Pedersen
On 2012-06-20 03:09, RW wrote: The overwhelming majority of email addresses are never spoofed. seen from my mta logs off sender addresses that miss the smtp auth password here postfix don't agree with you, if sender uses something belongs to my domain i may start asking for passwords, this c

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread RW
On Tue, 19 Jun 2012 19:14:11 -0400 Jeff Mincy wrote: >From: RW >Date: Tue, 19 Jun 2012 23:43:57 +0100 >If used sensibly USER_IN_WHITELIST is probably the most reliable > rule we have, for the overwhelming majority of addresses it's far > more accurate than spf based whitelisting. It'

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread John Hardin
On Tue, 19 Jun 2012, Flemming Jacobsen wrote: I finally got around to enabling SPF checks in SA. (v. 3.3.2, via spamd on FreeBSD) It appears that even though SPF checks fail (i.e. SPF_FAIL), USER_IN_WHITELIST still adds -100 points to the score. Since the sender probably is spoofed, should USER

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread John Hardin
On Tue, 19 Jun 2012, Jeff Mincy wrote: From: John Hardin I'd suggest instead a lint warning if it is used, alerting the admin that it's discouraged and that it has problems like this and is very easy to spoof. How about creating a different score for whitelist_from that is separate fr

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread Jeff Mincy
From: RW Date: Tue, 19 Jun 2012 23:43:57 +0100 On Tue, 19 Jun 2012 18:02:28 -0400 Jeff Mincy wrote: >From: John Hardin >Date: Tue, 19 Jun 2012 14:44:29 -0700 (PDT) > >On Tue, 19 Jun 2012, Benny Pedersen wrote: > >> Den 2012-06-19 22:39

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread RW
On Tue, 19 Jun 2012 18:02:28 -0400 Jeff Mincy wrote: >From: John Hardin >Date: Tue, 19 Jun 2012 14:44:29 -0700 (PDT) > >On Tue, 19 Jun 2012, Benny Pedersen wrote: > >> On 2012-06-19 22:39, Kevin A. McGrail wrote: >> >>> I think that's the concept behind the white

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread Jeff Mincy
From: John Hardin Date: Tue, 19 Jun 2012 14:44:29 -0700 (PDT) On Tue, 19 Jun 2012, Benny Pedersen wrote: > On 2012-06-19 22:39, Kevin A. McGrail wrote: > >> I think that's the concept behind the whitelist_from_spf > > but some use whitelist_from, it's nothing new t

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread Benny Pedersen
On 2012-06-19 23:44, John Hardin wrote: I'd suggest instead a lint warning if it is used, alerting the admin that it's discouraged and that it has problems like this and is very easy to spoof. fair, but Flemming might choose some meta like this: meta WHITELIST_INSECURE_SPF (USER_IN_WHITELIST

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread John Hardin
On Tue, 19 Jun 2012, Benny Pedersen wrote: On 2012-06-19 22:39, Kevin A. McGrail wrote: I think that's the concept behind the whitelist_from_spf but some use whitelist_from, it's nothing new there :=) can user_in_whitelist be changed to not have -100 as default score, or is whitelist_from

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread Axb
On 06/19/2012 11:34 PM, Benny Pedersen wrote: On 2012-06-19 22:39, Kevin A. McGrail wrote: I think that's the concept behind the whitelist_from_spf but some use whitelist_from, it's nothing new there :=) can user_in_whitelist be changed to not have -100 as default score, or is whitelist_from

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread Benny Pedersen
On 2012-06-19 22:39, Kevin A. McGrail wrote: I think that's the concept behind the whitelist_from_spf but some use whitelist_from, it's nothing new there :=) can user_in_whitelist be changed to not have -100 as default score, or is whitelist_from planned for removements ?

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread Benny Pedersen
On 2012-06-19 22:21, Flemming Jacobsen wrote: It appears that even though SPF checks fail (i.e. SPF_FAIL), USER_IN_WHITELIST still adds -100 points to the score. Since the sender probably is spoofed, should USER_IN_WHITELIST not be ignored/neutral (not sure of the terminology here)? nope, whi

Re: USER_IN_WHITELIST and SPF_FAIL

2012-06-19 Thread Kevin A. McGrail
On 6/19/2012 4:21 PM, Flemming Jacobsen wrote: Hey I finally got around to enabling SPF checks in SA. (v. 3.3.2, via spamd on FreeBSD) It appears that even though SPF checks fail (i.e. SPF_FAIL), USER_IN_WHITELIST still adds -100 points to the score. Since the sender probably is spoofed, should