On Tuesday, March 8, 2005, 8:13:05 PM, Robert Menschel wrote: > OK, based on what little discussion there's been so far, here's a > draft proposal for people to think about.
> Summary: A group of volunteers will maintain a collected/distributed > whitelist, using SpamAssassin's whitelist_from_rcvd capabilities, > similar to (but in the opposite direction as) William Stearns' > collected/distributed blacklist at > http://www.stearns.org/sa-blacklist/sa-blacklist.current.cf > Goal: There are public newsletters, services, etc., which a) do not > spam, and b) can easily be mistaken as spam by SpamAssassin for a > variety of reasons (overly aggressive custom rules, wrongly taught > Bayes system, paid advertising listing SURBL URIs, etc). Though > anti-spam devotees see these as opportunities for cleaning up our > system, for the purposes of email reliability we want these emails to > go through unhindered. > Assumption: This activity will focus only on public newsletters, > services, etc., which normally do not contain any private information. > Therefore there will not be any privacy or confidentiality concerns > for the great majority of emails from these sources. > Distribution: The rules file which results from this activity will be > maintained within the SARE system, as file 70_sare_whitelist.cf -- it > can be downloaded manually or via RDJ. This is something that could potentially be useful to SURBLs as a whitelist source (used for exclusion from SURBLs), so I'm in favor of it. Daryl's ideas of a web form feeding a database and a separately named rule to use it within SA seem like good suggestions. Because this would be a centrally maintained, hand-edited list I don't see it occupying the exact same space as SPF. Ultimately something like an RBL may be the best way to get the data out unless the list is relatively static and not too large. As you outline it above it seems like it would be a global publishing of local whitelists where there was strong consensus about what should be whitelisted. That could be a subset of the local whitelist_froms of all SpamAssassin installations. It could also grow into something larger, and that's not necessarily a bad thing. Collecting up SA local whitelist_froms is a reasonable place to start. Jeff C. -- Jeff Chan mailto:[EMAIL PROTECTED] http://www.surbl.org/
