jdow wrote: > From: "Matt Kettler" <[EMAIL PROTECTED]> > >> Jim Smith wrote: >>> I have been using an email address for all maillists that I >>> subscribe to >>> that doesn't get filtered by SA. Since subscribing to this list, it >>> is now >>> being pounded with spam (gee, who'd guess that a SA list would be >>> harvested >>> and pounded by spammers <grin>). Anyway, I'm going to change email >>> addresses >>> and ditch this one so I can use SA but I'm wondering what I should >>> whitelist. >>> If I do "whitelist_to: users@spamassassin.apache.org" and ditch >>> everything >>> else, will that give me all the SA list emails without the debris? >>> Or do the >>> spammers forge the "to" field enough to make that impractical? >> >> I've never seen them forge it, but that said I'd use >> whitelist_from_rcvd, or whitelist_from_spf. Note that this WILL match >> the return-path header if present at the point you are scanning.. >> >> I also suggest using bayes_ignore commands to prevent bayes >> autoloearning from firing off on list posts: >> >> whitelist_from_spf [EMAIL PROTECTED] >> >> bayes_ignore_to users@spamassassin.apache.org >> bayes_ignore_to spamassassin-users@incubator.apache.org >> bayes_ignore_from [EMAIL PROTECTED] > > For SA lists I simply teach my .procmailrc to skip the SpamAssassin pass > completely. It saves effort. True, and is 100% better in all respects.
That said, I SA at the MTA layer with MailScanner. It can be configured to bypass scanning, but I've so far been to lazy to define a ruleset for it.
