RW wrote: > On Tue, 19 Jun 2012 19:14:11 -0400 > Jeff Mincy wrote: > >> From: RW <rwmailli...@googlemail.com> >> Date: Tue, 19 Jun 2012 23:43:57 +0100 > >> If used sensibly USER_IN_WHITELIST is probably the most reliable >> rule we have, for the overwhelming majority of addresses it's far >> more accurate than spf based whitelisting. It's not always right to >> treat users as idiots. >> >> Huh? What you mean by used sensibly? > > I mean, don't use it on well-known addresses, or if you're a candidate > for spear-phishing and can't be trusted not to fall for it. Don't > whitelist domains unless they are extremely obscure. > >> whitelist_from_rcvd is very reliable. > > Not if someone sends an email through a different mail system,
I think that is what "whitelist_allows_relays" is intended to take care of. -- Per Jessen, Zürich (23.2°C)
