Jari Fredriksson wrote:
Yes, I did read the thread in a hurry.. The original poster wrote about
autowhitelisting so I went in AWL mode.
Anyway, I disabled AWL plugin when I got a spam with a forget sender address,
my own address.. and the AWL put -14 AWL points to that...
My configuration does not use SA on outgoing email, and I never receive mail
from myself. Dunno why AWL had so big points on my email, but it did.
Did you try the check-whitelist script? It might have been interesting
to see what was in there
I thought that AWL is useless, because all spam has random, forged sender
addresses anyways, I hardly never receive spam from a same sender address
twice.. No need to keep statistics on sender addresses.
My configuration also has a setup, which whitelists some addresses alltogether
(at maildrop level; maildrop calls spamc in my setup) so that SA is never
called. The whitelists are in a text file which maildrop reads and decides if
SA is called or not. I have no whitelist_from* in my SA local.cf
Bypassing SA the best sure-fire way to whitelist.. Saves CPU utilization
too.
Whitelisting mail in maildrop level allows some spam to get thru, but not too
much, I can handle those. I understand that a SA whitelist_from_spf or
whitelist_from_rcvd or similar would be better (more accurate) but I want to
keep most of my legit email out of SA because it (SA) is so demanding on
hardware.
It'd be better if your maildrop script accounted for Received or SPF,
but nothing's perfect.. Sounds like you've picked a good trade off. (in
general I oppose use of whitelist_from because you're suffering both the
hit of CPU time and lack of accuracy)
