From: "mouss" <[EMAIL PROTECTED]>
Jim Smith wrote:
I have been using an email address for all maillists that I subscribe to
that doesn't get filtered by SA. Since subscribing to this list, it is now
being pounded with spam (gee, who'd guess that a SA list would be harvested
and pounded by spammers <grin>). Anyway, I'm going to change email addresses
and ditch this one so I can use SA but I'm wondering what I should
whitelist.
I am experimenting this:
- have an address for mailing-lists, as you do. now whitelist all the
MLs, and automatically put mailing-list mail in specific folders. Do
this using ML headers such as "Sender", "List-Post", ... , not the To/Cc
headers. both procmail and maildrop can make this easy. Most mail that
doesn't go to its folder stays in Inbox, and is probably spam. One issue
is offlist replies, thus:
- use another (public, not your personal) address as Reply-To. This is
the address where offlist replies go. This is whether you acept offlist
mail or not. but you'll get some legitimate offlist mail anyway.
This way, <[EMAIL PROTECTED]> would be reserved to mail coming
from lists you are subscribed to (actually, you should get a new one,
because some co-listers of you probably have communicated with you on
this address, and may do that again in the future. unfortunately, this
also means resubscribing to all your MLs!).
If I do "whitelist_to: users@spamassassin.apache.org" and ditch everything
else, will that give me all the SA list emails without the debris? Or do the
spammers forge the "to" field enough to make that impractical?
use whitelist_from_rcvd instead. For example:
whitelist_from_rcvd [EMAIL PROTECTED] apache.org
This requires that SA sees the envelope sender (Return-Path or the like,
not the From/Reply-To headers).
With procmail in your .procmailrc file.
===8<---
:0 fw: spamassassin.lock
* < 500000
* !^List-Id: .*(spamassassin\.apache.\org)
| /usr/bin/spamc -t 150 -u #LOGNAME
===8<---
{^_^}
