You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by JD...@languageworks.com on 2008/05/29 22:19:53 UTC
Whitelisting via MySQL
How can I set-up a whitelist via MySql.....so SA does not check those
addresses that are legit. Any help will much appreciated.
Jeremy Davila
Systems Administrator
Direct: 646-205-2136
The LanguageWorks, Inc.
1123 Broadway, Suite 201
New York, NY 10010
The LanguageWorks, Inc. is an ISO 9001:2000 certified company which:
"Facilitates global communication by providing foreign language
translation, editing, proofreading, and cultural analysis. Additional
services include on-site interpreting and document review, foreign
language page layout, conversion of web sites into multiple languages, and
multilingual voice-overs for radio spots and video productions."
CONFIDENTIALITY NOTICE:
The information in this E-Mail may be confidential and may be legally
privileged. It is intended solely for the addressee(s). If you are not the
intended recipient, any disclosure, copying, distribution or any action
taken or omitted to be taken in reliance on this E-Mail, is prohibited and
may be unlawful. If you have received this E-Mail message in error, notify
the sender by reply E-Mail and delete the message.
Re: Whitelisting via MySQL
Posted by John Hardin <jh...@impsec.org>.
On Fri, 30 May 2008, JDavila@languageworks.com wrote:
> We kinda figured 12K is alot but we want to ensure that our business is
> not interuppted but spam rejection and etc .
Fair enough as a stopgap, but having to put that many whitelist entries in
says there's a problem with either your scoring or your correspondents. :)
> Do you have any suggestions on what can we from a SA point.
Yes, as I said: try to determine why so many legitimate messages are being
scored as spam.
If you can provide us a few samples (including _all_ headers) of false
positives, we might be able to point out problems in your SA
configuration.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Have you ever seen a more scarily useless group of people running
for president? -- Barry@blogspot
-----------------------------------------------------------------------
158 days until the Presidential Election
Re: Whitelisting via MySQL
Posted by JD...@languageworks.com.
John
We kinda figured 12K is alot but we want to ensure that our business is
not interuppted but spam rejection and etc .
I will also check w/ the Exim Forums to see what they say.
Do you have any suggestions on what can we from a SA point.
Thank you again
-Jeremy
On Thu, 29 May 2008, JDavila@languageworks.com wrote:
> We use exim as a MTA. But our legit e-mail get tagged as spam. So I
> wanted to dump our frequent e-mailers and pump into MySql so they can
get
> bypassed. I am using the whitelist_from email command in the local.cf
> file. and that has over 12K entries . The legit email addresses that I
> specified are still getting tagged.
12k whitelisted names?!
I would suggest that whitelisting is not the solution you want to be
pursuing quite yet. Do you understand _why_ so many of your legitimate
correspondents' messages are being scored as "spammy" by SA?
Would it be possible to post a few representative messages (raw format,
all headers intact) to a website somewhere so that we can get some idea of
whether or not the spammy scores are reasonable?
Also, be aware that whitelist_from is a last resort as the From: address
is trivially easy to forge.
> I am still new to SA and Exim. I hope this answer your question , and I
> do appreciate your response/help .
Well, _I_ can't personally help you with exim, but somebody else may if
MTA whitelisting turns out to be an appropriate course of action.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Have you ever seen a more scarily useless group of people running
for president? -- Barry@blogspot
-----------------------------------------------------------------------
159 days until the Presidential Election
Re: Whitelisting via MySQL
Posted by John Hardin <jh...@impsec.org>.
On Thu, 29 May 2008, JDavila@languageworks.com wrote:
> We use exim as a MTA. But our legit e-mail get tagged as spam. So I
> wanted to dump our frequent e-mailers and pump into MySql so they can get
> bypassed. I am using the whitelist_from email command in the local.cf
> file. and that has over 12K entries . The legit email addresses that I
> specified are still getting tagged.
12k whitelisted names?!
I would suggest that whitelisting is not the solution you want to be
pursuing quite yet. Do you understand _why_ so many of your legitimate
correspondents' messages are being scored as "spammy" by SA?
Would it be possible to post a few representative messages (raw format,
all headers intact) to a website somewhere so that we can get some idea of
whether or not the spammy scores are reasonable?
Also, be aware that whitelist_from is a last resort as the From: address
is trivially easy to forge.
> I am still new to SA and Exim. I hope this answer your question , and I
> do appreciate your response/help .
Well, _I_ can't personally help you with exim, but somebody else may if
MTA whitelisting turns out to be an appropriate course of action.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Have you ever seen a more scarily useless group of people running
for president? -- Barry@blogspot
-----------------------------------------------------------------------
159 days until the Presidential Election
Re: Whitelisting via MySQL
Posted by JD...@languageworks.com.
We use exim as a MTA. But our legit e-mail get tagged as spam . So I
wanted to dump our frequent e-mailers and pump into MySql so they can get
bypassed. I am using the whitelist_from email command in the local.cf
file. and that has over 12K entries . The legit email addresses that I
specified are still getting tagged.
I am still new to SA and Exim. I hope this answer your question , and I do
appreciate your response/help .
Thanks again .
Jeremy Davila
Systems Administrator
Direct: 646-205-2136
The LanguageWorks, Inc.
1123 Broadway, Suite 201
New York, NY 10010
The LanguageWorks, Inc. is an ISO 9001:2000 certified company which:
"Facilitates global communication by providing foreign language
translation, editing, proofreading, and cultural analysis. Additional
services include on-site interpreting and document review, foreign
language page layout, conversion of web sites into multiple languages, and
multilingual voice-overs for radio spots and video productions."
CONFIDENTIALITY NOTICE:
The information in this E-Mail may be confidential and may be legally
privileged. It is intended solely for the addressee(s). If you are not the
intended recipient, any disclosure, copying, distribution or any action
taken or omitted to be taken in reliance on this E-Mail, is prohibited and
may be unlawful. If you have received this E-Mail message in error, notify
the sender by reply E-Mail and delete the message.
John Hardin <jh...@impsec.org>
05/29/2008 05:03 PM
To
JDavila@languageworks.com
cc
users@spamassassin.apache.org
Subject
Re: Whitelisting via MySQL
On Thu, 29 May 2008, JDavila@languageworks.com wrote:
> How can I set-up a whitelist via MySql.....so SA does not check those
> addresses that are legit. Any help will much appreciated.
If you don't want SA to check "legit" addresses, then you need to
whitelist them in whatever passes the message to SA for scoring (MTA,
milter, procmail, etc.).
If you use some facility within SA to whitelist, then you can't avoid SA
processing the message - you may be able to minimize the processing
through shortcutting, but SA is still processing the message.
So, what exactly gives the message to SA for scoring in your environment?
Tell us that, and we may be able to provide specific suggestions.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Have you ever seen a more scarily useless group of people running
for president? -- Barry@blogspot
-----------------------------------------------------------------------
159 days until the Presidential Election
Re: Whitelisting via MySQL
Posted by John Hardin <jh...@impsec.org>.
On Thu, 29 May 2008, JDavila@languageworks.com wrote:
> How can I set-up a whitelist via MySql.....so SA does not check those
> addresses that are legit. Any help will much appreciated.
If you don't want SA to check "legit" addresses, then you need to
whitelist them in whatever passes the message to SA for scoring (MTA,
milter, procmail, etc.).
If you use some facility within SA to whitelist, then you can't avoid SA
processing the message - you may be able to minimize the processing
through shortcutting, but SA is still processing the message.
So, what exactly gives the message to SA for scoring in your environment?
Tell us that, and we may be able to provide specific suggestions.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Have you ever seen a more scarily useless group of people running
for president? -- Barry@blogspot
-----------------------------------------------------------------------
159 days until the Presidential Election