On Sun, 2009-01-04 at 21:51 -0800, Bijayant wrote: > 2) What should I do to whitelist the senders because, if I will whitelist > the senders then it will not check for the Spam and the mail will passed > without the spam TAG. > I have a database containing an automatically built list of everybody I've sent mail to that I use as an automatic whitelist.
I created a plugin by modifying the SentOutDB.pm plugin I found at http://whatever.frukt.org/ - you may not need to do this, but I had to since that's a MySQL plugin and I run PostgreSQL. That's used in the following rule set: describe MA_WHITELIST Mail Archive holds mail sent to this sender header __MA_WL1 eval:MAwhitelist_reply() header __MA_WL2 From =~ /\...@mydomain.com/i header __MA_WL3 From =~ /myse...@users\.sourceforge\.net/i meta MA_WHITELIST (__MA_WL1 && (__MA_WL2==0 && __MA_WL3==0)) score MA_WHITELIST -50.0 where 'mydomain' is my domain name and 'myself' is my login at sourceforge. The subrules __MA_WL2 and __MA_WL3 are used to prevent messages with myself as a forged sender being whitelisted. 'mydomain' appears as a sender as a result of test messages I've sent and source forge appears as the inevitable result of sending messages to other project owners. This is a straight-forward if simple-minded solution to the 'self-as-forged-sender' problem. As the whitelist is simply a data base view a better solution would be to add a 'self' flag to the address list and exclude addresses that carry it from the whitelist view. That is on my enhancements list: apart from this issue this whitelisting scheme works well. Martin
