Jeff Mincy <[EMAIL PROTECTED]> writes:

>    Agreed. whitelist_from sucks. However, it's there as a method of
>    last-resort. There are some messages you can't whitelist in SA using any
>    other method. (ie: when the sender's server doesn't have reverse DNS).
>    
> Since whitelist_from is spoofable wouldn't it make sense to have
> different scores assigned to whitelist_from and whitelist_from_rcvd?
> Right now if an email is in either you get a hit on USER_IN_WHITELIST,
> which is scored at a -100 by default.  So split out
> USER_IN_RCVD_WHITELIST hits from USER_IN_WHITELIST.

I use whitelist_from to be sure I whitelist mail from some people (not
part of my organization).  For those addreses, it's better to get FN on
spam than a single FP.  I don't know what IP addresses they use, and
they keep changing.  So the 'better' whitelist rules won't work.

I have sometimes wanted a way to give a per-rule score for whitelist
entries, instead of a fixed -100.  But not enough to implement it :-)


Attachment: pgplJGqhwfxdz.pgp
Description: PGP signature

Reply via email to