On Sat, Jun 01, 2002 at 01:17:41PM -0700, Craig R Hughes wrote: | dman wrote: | | d> | whitelist_from *root* | d> | d> How about | d> whitelist_from *root*Cron Daemon* | | I think the whitelist checks against the address part, and not the "Real Name" | or (Comment Name) parts. So *root* or root* should work here.
Ok.
[craig also wrote, in a different message]
| I think you're wrong -- SA now parses addresses more or less
| according to the RFCs. Certainly the two format you listed are
| covered, but the whitelist mechanism is trying to match the address
| part, not the real name.
I could be wrong. I remember, a while back, some instances where
certain rules that checked addresses wouldn't handle the "addr (name)"
form.
| d> ...
| d> | OK, yeah, that looks like a good way to go. Maybe extend it to:
| d> | header CRON X-Cron-Env =~ /\w/ which is even less likely to be present
| d> | in a header if not a real cron message.
| d>
| d> Unless a spammer decides to add it just to trigger that rule.
|
| Most spammers aren't that sophisticated, nor do many have the
| ability easily to add arbitrary headers. In any case, I think
| that's probably a pretty decent rule -- we can set the score to
| something small but -ve and let the GA figure out a good score for
| the 2.30 release.
Remember the notification, a while back, that some spammers track the
SA lists to stay one step ahead and find ways to trick SA. Keep the
score small (close to 0) and see how things go. If we try the tactic
of effectively whitelisting certain properties and then reacting when
spammers abuse it we'll always be one step behind them. That's my
only concern with adding stuff like that to the release.
-D
--
Be sure of this: The wicked will not go unpunished,
but those who are righteous will go free.
Proverbs 11:21
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg
msg05930/pgp00000.pgp
Description: PGP signature
