>At 10:58 AM 8/14/2003 -0700, Greg Webster wrote:
>>'[EMAIL PROTECTED]' is not in our whitelist, and neither is '[EMAIL PROTECTED]' or
>>any variant.
>>
>>It appears that there is a problem with the USER_IN_WHITELIST regexp
>to>me, but I may be mistaken. I can't think of any other way that this
>>would have made it through. Help?
>
>is [EMAIL PROTECTED] in your whitelist_from?
>
>If so, then the rule properly matched the Return-Path header.
How so? The spammer is 'From: [EMAIL PROTECTED]' and 'To:
[EMAIL PROTECTED]' is a user inside our domain. Yes, we have [EMAIL PROTECTED]
whitelisted, but not [EMAIL PROTECTED]
I'm boggled here...how is the Return-Path getting our local user
('[EMAIL PROTECTED]')? Shouldn't this be the spammers address in the From
header? If whitelisting works this way, and somehow the spammer is
setting the Return-Path to the recipients address, then how can we trust
it for whitelisting?
Please explain, I'm very confused now.
Greg
--
Greg Webster - [EMAIL PROTECTED]
In-Touch Software Corporation
Ph: (604)278-0515 - Fax: (604)608-3112
-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
