Matt Kettler wrote:
Theo Van Dinter wrote:
On Fri, Sep 22, 2006 at 04:01:20AM -0400, Matt Kettler wrote:
The moral here is NEVER use whitelist_from.
...does this indicate that whitelist_from should be obsoleted?
should, yes.. will be, probably not.
Well, there is a need and are uses for whitelist_from, specifically when the
other options aren't available. Have a customer who sends you mail, but they
don't have proper rDNS setup nor SPF nor ... ?
I do agree with your point, and that's the reason why I said it probably
will not be obsoleted.
However, the guy with no rDNS nor SPF isn't very likely to be able to
send mail to very many places at all. Now that major ISPs (ie: AOL) are
blocking servers with no RDNS, it's only a matter of time before this
becomes standard practice and he won't be able to send mail anywhere.
Also, I personally view ANY spamassassin whitelisting feature as a
measure of last resort. It's generally better to whitelist by
configuring your tools to not call SA in the first place. You have more
reliable envelope information, AND you gain CPU usage benefits.
Unfortunately, I've never had to use whitelist_from for RDNS/SPF
problems. What I've had to use it for is that shipping companies
(Customs Brokers, freight forwarders, warehousers) tend to write
_everything_ in all caps, no matter what. Forms for the government,
online databases, you name it, it's one case, and that's upper.
Needless to say, that causes SA to blow up on it, and claim that all of
the emails going in and out are spam. Since I _want_ caps to generally
set off SA, I end up with a list of shipping related companies that I
whitelist_from by default.
BW
