On 9/17/2010 10:55 AM, Lawren Quigley-Jones wrote: > I've been repeatedly running into problems where dns white-lists have > been causing false negatives in spam. Valid looking headers are being > injected at the beginning of emails which are tripping dns whitelists > (see below). As a result I've been slowly disabling dns whitelist rules: > score HABEAS_ACCREDITED_COI 0 > score HABEAS_ACCREDITED_SOI 0 > score RCVD_IN_DNSWL_MED 0 > score RCVD_IN_BSP_TRUSTED 0 > score RCVD_IN_DNSWL_HI 0 > > I'm running SpamAssassin on ubuntu hardy: spamassassin 3.2.4-1ubuntu1.2 > > Has anyone else been seeing this? Is this a mis-configuration on my > part? Is there anything I can do to get SpamAssassin to check only > the last header and ignore anything below that?
If you have your trusted_networks and internal_networks set properly, then the whitelists should only fire on trusted headers. If you do not specify these, then SA will take its best guess. Fake headers inserted by the sender should not affect a properly configured SA. -- Bowie
