Ilya Vishnyakov wrote:
> Hello Spamassassin Gurus!
> I have the spam email, showing that it was sent from our user (from
> [EMAIL PROTECTED] to [EMAIL PROTECTED]) How do I whitelist the spam
> email like this one?

I suspect you mean how do you not whitelist the spam.
The answer is simple. Do not use whitelist_from, for anything. It is particularly important to not do this for your own domain.

Use whitelist_from_rcvd instead, which takes a second parameter that checks a substring of the server name in the Received: headers. This makes it reasonably resistant to forgery.

See man Mail::SpamAssassin::Conf for more details on whitelist_from_rcvd and its syntax. If that's not clear, please feel free to ask further questions on the list.
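
The two settings discussed in the reply above, side by side, as an added example that is not part of the original message. The domain example.com, the host name mail.example.com and the network 192.0.2.0/24 are constructed placeholders; substitute your own.

```conf
# local.cf (all names and addresses below are constructed placeholders)

# Weak: matches on the sender address alone. Any outside host that puts
# an @example.com address in the From line gets the whitelist bonus.
# whitelist_from  *@example.com

# Relays whose Received: headers SpamAssassin may believe (your own MX
# or gateway). The relay check below depends on this being accurate.
trusted_networks  192.0.2.0/24

# Stronger: the sender address must match AND the relay that handed the
# message to your trusted network must have reverse DNS matching the
# second parameter.
whitelist_from_rcvd  *@example.com  mail.example.com
```

Run `spamassassin --lint` after editing to confirm the file parses cleanly.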