Jeff Mincy <[EMAIL PROTECTED]> writes: > Agreed. whitelist_from sucks. However, it's there as a method of > last-resort. There are some messages you can't whitelist in SA using any > other method. (ie: when the sender's server doesn't have reverse DNS). > > Since whitelist_from is spoofable wouldn't it make sense to have > different scores assigned to whitelist_from and whitelist_from_rcvd? > Right now if an email is in either you get a hit on USER_IN_WHITELIST, > which is scored at a -100 by default. So split out > USER_IN_RCVD_WHITELIST hits from USER_IN_WHITELIST.
I use whitelist_from to be sure I whitelist mail from some people (not part of my organization). For those addreses, it's better to get FN on spam than a single FP. I don't know what IP addresses they use, and they keep changing. So the 'better' whitelist rules won't work. I have sometimes wanted a way to give a per-rule score for whitelist entries, instead of a fixed -100. But not enough to implement it :-)
pgplJGqhwfxdz.pgp
Description: PGP signature