You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by William Taylor <wi...@corp.sonic.net> on 2010/09/08 01:11:24 UTC
unblacklist_from_rcvd
I want to be able to only allow a certain email to be sent from one of several hosts.
Currently im doing something like:
blacklist_from sales@foo.com
whitelist_from_rcvd sales@foo.com mail.foo.com
whitelist_from_rcvd sales@foo.com sales.foo.com
This doesn't really do what I want because the blacklist and whitelist scores cancel each other out.
I saw talk in the past (2002?) about adding a unblacklist_from_rcvd
what I really want is a
blacklist_from sales@foo.com
unblacklist_from_rcvd sales@foo.com mail.foo.com
OR
only_allow_from_rcvd sales@foo.com mail.foo.com
What are my options for to accomplish this?
Thanks,
William
Re: unblacklist_from_rcvd
Posted by William Taylor <wi...@corp.sonic.net>.
On Sep 7, 2010, at 6:36 PM, Matt Kettler wrote:
> On 9/7/2010 7:11 PM, William Taylor wrote:
>> I want to be able to only allow a certain email to be sent from one of several hosts.
>>
>> Currently im doing something like:
>>
>> blacklist_from sales@foo.com
>> whitelist_from_rcvd sales@foo.com mail.foo.com
>> whitelist_from_rcvd sales@foo.com sales.foo.com
>>
>> This doesn't really do what I want because the blacklist and whitelist scores cancel each other out.
>>
>> I saw talk in the past (2002?) about adding a unblacklist_from_rcvd
>>
>> what I really want is a
>> blacklist_from sales@foo.com
>> unblacklist_from_rcvd sales@foo.com mail.foo.com
>>
>> OR
>>
>> only_allow_from_rcvd sales@foo.com mail.foo.com
>>
>>
>> What are my options for to accomplish this?
> SA does not have any support for this.
>
> The unblacklist commands do exist, but will only remove an entry that they match *EXACTLY*. Their function is implemented as "if this is found, delete it", and are intended to allow a user_prefs to completely delete site-wide white/blacklist entries. They cannot be used to create a blacklist with "holes" in it.
>
> You can negate a blacklist with a whitelist, but the scores simply offset, as you've seen.
>
> It is possible to change the scores of the whitelist rule, to make it larger in magnitude than the blacklist rule, and thus keeping some negative score..
> i.e: adding this to your local.cf:
>
> score USER_IN_WHITELIST -120.000
>
> Would cause any white/black overlap to result in a -20 score. However, any whitelists without overlap would now get -120 instead of -100... That may or may not be an issue for you, but it is one approach to the problem you have.
>
>
> see also man Mail::SpamAssassin::Conf:
>
> unwhitelist_from_rcvd add@ress.com
> Used to override a default whitelist_from_rcvd entry, so for example
> a distribution whitelist_from_rcvd can be overridden in a local.cf
> file, or an individual user can override a whitelist_from_rcvd entry
> in their own "user_prefs" file.
>
> The specified email address has to match exactly the address
> previously used in a whitelist_from_rcvd line.
>
Yes I already looked at the docs && code and saw how they match.
I figured a "black list address if not received through this host" feature would be a pretty desirable feature for folks especially larger companies with large use bases that have addresses like sales/support etc.
I guess I could hack something in but figured I would ask first to make sure the code didn't exist out there somewhere first.
Re: unblacklist_from_rcvd
Posted by Matt Kettler <mk...@verizon.net>.
On 9/7/2010 7:11 PM, William Taylor wrote:
> I want to be able to only allow a certain email to be sent from one of several hosts.
>
> Currently im doing something like:
>
> blacklist_from sales@foo.com
> whitelist_from_rcvd sales@foo.com mail.foo.com
> whitelist_from_rcvd sales@foo.com sales.foo.com
>
> This doesn't really do what I want because the blacklist and whitelist scores cancel each other out.
>
> I saw talk in the past (2002?) about adding a unblacklist_from_rcvd
>
> what I really want is a
> blacklist_from sales@foo.com
> unblacklist_from_rcvd sales@foo.com mail.foo.com
>
> OR
>
> only_allow_from_rcvd sales@foo.com mail.foo.com
>
>
> What are my options for to accomplish this?
SA does not have any support for this.
The unblacklist commands do exist, but will only remove an entry that
they match *EXACTLY*. Their function is implemented as "if this is
found, delete it", and are intended to allow a user_prefs to completely
delete site-wide white/blacklist entries. They cannot be used to create
a blacklist with "holes" in it.
You can negate a blacklist with a whitelist, but the scores simply
offset, as you've seen.
It is possible to change the scores of the whitelist rule, to make it
larger in magnitude than the blacklist rule, and thus keeping some
negative score..
i.e: adding this to your local.cf:
score USER_IN_WHITELIST -120.000
Would cause any white/black overlap to result in a -20 score. However,
any whitelists without overlap would now get -120 instead of -100...
That may or may not be an issue for you, but it is one approach to the
problem you have.
see also man Mail::SpamAssassin::Conf:
unwhitelist_from_rcvd add@ress.com
Used to override a default whitelist_from_rcvd entry, so for example
a distribution whitelist_from_rcvd can be overridden in a local.cf
file, or an individual user can override a whitelist_from_rcvd entry
in their own "user_prefs" file.
The specified email address has to match exactly the address
previously used in a whitelist_from_rcvd line.