On 10/5/10 10:40 AM, Alex wrote:
Hi,
I have an email that I'm trying to whitelist using whitelist_from_rcvd
and it's not working as I expect. I've created an entry:
whitelist_from_rcvd u...@lanyon.com savvis.net
Here is the corresponding received header:
X-Envelope-From:<u...@lanyon.com>
Received: from S253906HZ1EW06.usstls6-hosting.savvis.net (unknown
[209.16.192.170])
Is it because there is no reverse DNS entry?
yes
Also, am I somehow not using the AWL correctly? It's actually adding
points and not subtracting them:
* 0.0 RELAYCOUNTRY_US Relayed through United States
* 0.3 LOC_RCVD_UNK Contains unknown IP in Received header
* 1.4 BOTNET Relay might be a spambot or virusbot
*
[botnet0.8,ip=209.16.192.170,rdns=Lanyon.com,maildomain=lanyon.com,baddns]
* 0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
* 1.0 FILL_THIS_FORM_LONG Fill in a form with personal information
* 1.0 FILL_THIS_FORM Fill in a form with personal information
* 1.5 FILL_THIS_FORM_FRAUD_PHISH Answer suspicious question(s)
* 0.7 AWL AWL: From: address is in the auto white-list
Under what circumstances would this happen?
AWL is NOT an 'auto whitelist'. and is not used by default configs
anymore.
instead of including the massive volume of documentation on what AWL is
and is not, just google.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best in Email Security,2010: Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
