On Wed, 11 Feb 2015, Rajesh M wrote:
i am using qmailtoaster
when the emails are sent to specified recepients via bcc then there is a header
Delivered-To created which i tried to use to check
however spamassassin does not seem to check Delivered-To header
what could be the problem ?
Wild guess: if qmailtoaster is a milter (or qmail's equivalent), the
Delivered-To header hasn't been added yet at the point the message has
been scanned.
It's possible the message is being scanned before the delivery to
individual mailboxes phase in the MTA, as an efficiency optimization.
Rather than scanning the same message once-per-recipient as would be
needed for a single-recipient Delivered-To: header to be present in the
message, it is scanned once before the delivery phase, then broken out for
the individual mailboxes.
In order to properly do BCC detection, the MTA either needs to provide the
entire envelope recipient list to SA as a separate data channel or in a
pseudo-header, or the scan needs to happen during delivery to individual
mailboxes so the Delivered-To: header or the equivalent notation on the
Received: header is present.
I would strongly suggest that this sort of white/blacklisting is much
better handled by MTA-based access permission lists (the MTA has a better
idea of who the message is from and who it is going to, and likely better
tools to use that information) rather than trying to develop SA rules and
troubleshooting SA glue issues when the rules don't work.
You're kinda asking us how to help you hammer screws in straight.
----- Original Message -----
From: David B Funk [mailto:dbf...@engineering.uiowa.edu]
To: users@spamassassin.apache.org
Sent: Tue, 10 Feb 2015 17:17:32 -0600 (CST)
Subject: Re: rule for restricting incoming email
On Tue, 10 Feb 2015, Benny Pedersen wrote:
Antony Stone skrev den 2015-02-10 21:33:
What happens to an email from u...@abc.com, sent to someone other than
u...@recipient.example.com? Won't that then be whitelisted, even though
whoever it's addressed to hasn't asked for that (only user@recipient asked
for
this treatment)?
yes add all recipient to blacklist_to, missing that will be whitelist, but
only from whiteliste_from senders
Also, does "blacklist_to u...@recipient.example.org" match on emails where
u...@recipient.example.org is only a BCC address?
spamassassin does not see bcc anyway imho
A "BCC"ed recipient doesn't show up in a 'To/Cc' header (the whole point
of 'Bcc') but obviously must be listed in the envelope recipient list.
(assuming the "glue" your using in your system exposes that info to SA).
The blacklist_to/whitelist_to will work on the envelope recipient list
so (assuming your "glue" is right) Bcc shouldn't be a problem.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
For those who are being swayed by Microsoft's whining about the
GPL, consider how aggressively viral their Shared Source license is:
If you've *ever* seen *any* MS code covered by the Shared Source
license, you're infected for life. MS can sue you for Intellectual
Property misappropriation whenever they like, so you'd better not
come up with any Innovative Ideas that they want to Embrace...
-----------------------------------------------------------------------
Tomorrow: Abraham Lincoln's and Charles Darwin's 206th Birthdays
