-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Dan Mahoney, System Admin schrieb: > Livejournal's purely a mail forwarding service (i.e. there's no way to > POP/IMAP that account) As far as I know, there are mails originating from LJ itself (eg notifications etc)? > and if they can't effect proper controls on how > mail is sent through them, then they shouldn't be trusted at all. > > On my end, I have degrees of control (false MXes, Blacklists, > whitelists, greylists, sender callbacks, etc). I have no such control > over the LJ MX'es. Correct. But by setting (in your local.cf or equivalent) | trusted_networks 204.9.177.18 you are telling SpamAssassin that this relay is not operated by a spammer and that it should apply all black-/whitelist rules etc. to the IP address one more hop away. Then, in the context of SpamAssassin, you regain full control of connection-oriented rules. That's not fully equivalent to having the actual "spamming connection" to deal with, but as close as it gets -- if you need it "closer", you should not use forwarding services. Forwarding services are edge case in spamfiltering. Usually, such a service is itself perfectly trustworthy and not the actual source of spam, and care must be taken not to unduly penalize these services for forwarded spam. > I've proposed a reporting plugin on the sa-users list, that allows (both > for yourself, as well as other whitelists) for the list-owner to be > notified with details of high-spam activity (at which point, I guess, > you guys could pass that on to your whitelisted groups, and/or adjust > categories accordingly. As I've answered before: That's already on the todo list. However, the main problem is not the plugin per se (technically, that is rather simple), but identifying trustworthy submitters. - -- Matthias -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFHFb2/xbHw2nyi/okRAoA7AKDUID8Zyc1vBt+w1qmbP3rrCuxkbQCdFonl PQENNrT9wkrCjvJ2qgnC4K4= =oEOM -----END PGP SIGNATURE-----
