You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by jdow <jd...@earthlink.net> on 2005/07/27 00:03:23 UTC

SARE Whitelist candidate

whitelist_from_rcvd   *@fidelity2.m0.net              fidelity2.m0.net
      Fidelity Investment's Newsletters


{^_^}

Re: SARE Whitelist candidate

Posted by Robert Menschel <Ro...@Menschel.net>.

Hello jdow,

Tuesday, July 26, 2005, 3:03:23 PM, you wrote:

j> whitelist_from_rcvd   *@fidelity2.m0.net              fidelity2.m0.net
j>       Fidelity Investment's Newsletters

Got it.  Thanks.  Will validate, and then publish shortly.

Bob Menschel

Re[2]: SARE Whitelist candidate

Posted by Robert Menschel <Ro...@Menschel.net>.

Hello Andy,

Wednesday, July 27, 2005, 7:13:01 AM, you wrote:

AJ> Didn't know there was a SARE whitelist.

Discussed on this list a few months back, while experimenting with it
on my own system. Then announced it here when published, but otherwise
it's been quiet. Worth mentioning from time to time...

AJ> Here'sanother Fidelity E-Mail address we whitelist:
AJ> fidelityinvestments@fulfillmentconcepts.com

Thanks, but I need more than just the email address.  It's much, much
too easy for spammers to forge/fake an email address in their From
header.

We use the whitelist_from_rcvd directive instead,
> whitelist_from_rcvd  EmailAddress  ServerDomain

SpamAssassin identifies which Received headers are trusted (belong to
your system, or otherwise are trusted to pass you accurate information
about the upstream/sending server).  It compares the sending server in
the last of these against the ServerDomain parameter.

Only if both the email address pattern and the server domain match is
the email whitelisted.

Even if the spammer fakes the email address, and generates a bogus
Received header with the server domain, that received header will not
be trusted (it wasn't generated by your system), and therefore the
email won't be whitelisted in error.

If you can send me a copy of the email, or at least its full headers
(no need for any of the confidential information that might be in the
body), I can identify the correct server domain to include in the
directive.

Bob Menschel

Re: SARE Whitelist candidate

Posted by Andy Jezierski <aj...@stepan.com>.

"jdow" <jd...@earthlink.net> wrote on 07/26/2005 05:03:23 PM:

> whitelist_from_rcvd   *@fidelity2.m0.net              fidelity2.m0.net
>       Fidelity Investment's Newsletters
> 
> 
> {^_^}
> 


Didn't know there was a SARE whitelist.  Here's another Fidelity E-Mail 
address we whitelist:

fidelityinvestments@fulfillmentconcepts.com

Andy