Jim Smith wrote: > I have been using an email address for all maillists that I subscribe to > that doesn't get filtered by SA. Since subscribing to this list, it is now > being pounded with spam (gee, who'd guess that a SA list would be harvested > and pounded by spammers <grin>). Anyway, I'm going to change email addresses > and ditch this one so I can use SA but I'm wondering what I should > whitelist. > > If I do "whitelist_to: users@spamassassin.apache.org" and ditch everything > else, will that give me all the SA list emails without the debris? Or do the > spammers forge the "to" field enough to make that impractical?
I've never seen them forge it, but that said I'd use whitelist_from_rcvd, or whitelist_from_spf. Note that this WILL match the return-path header if present at the point you are scanning.. I also suggest using bayes_ignore commands to prevent bayes autoloearning from firing off on list posts: whitelist_from_spf [EMAIL PROTECTED] bayes_ignore_to users@spamassassin.apache.org bayes_ignore_to spamassassin-users@incubator.apache.org bayes_ignore_from [EMAIL PROTECTED]
