You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Justin Mason <jm...@jmason.org> on 2005/03/10 19:01:08 UTC

Re: Whitelist IP Address 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


It's extremely trivial to add as a normal regexp rule:

    header MY_WHITELIST_1   Received =~ /\[111.222.11.22\]/
    score MY_WHITELIST_1    -5

That's the main reason we haven't added it yet ;)

- --j.

Mikael Hakman writes:
> Wouldn't you all agree that blocking or letting through emails sent from or 
> relayed by specified IP addresses and subnets is quite a basic 
> functionality? In a sense it is more basic than doing the same with DNS 
> names and SMTP addresses because all those names ultimately resolve to IP 
> numbers. All communication (routing) on the Internet is done by numbers not 
> by names.
> 
> Then why can't we have such a generic rule built-in into SA? Creating custom 
> header rules is ok as long as you want to recognize particular IP host 
> addresses and subnets with IP ranges on whole byte boundary. In the general 
> case however you have to do bitwise AND between address from SMTP header and 
> a subnet mask and compare the result to the result of doing bitwise AND 
> between subnet address and the same subnet mask. AFAIK this is not possible 
> to do in SA custom header rules unless you find a way to express this as a 
> Perl regular expression for pattern matching. Then why can't we have a 
> test/rule, say, WHITELIST_NUMERIC_IP and BLACKLIST_NUMERIC_IP that take IP 
> number and subnet mask as arguments and does this double AND operation and 
> comparison against each IP number from Received headers?
> 
> To all who do not understand why so many people want to work with IP numbers 
> rather than with DSN names or SMTP addresses:
> 
> When an SMTP server receives email it knows IP number of the sender (relay). 
> It knows it from IP packet header source IP address. This number is 
> independent of what sender's SMTP server says he is. This is because both 
> SMTP and the underlying TCP require sending IP packets in both directions 
> for this reception process to succeed. Therefore at the time an SMTP server 
> receives email from an IP then it knows that this IP is real, it exists, and 
> is world-reachable through the global routing system. Therefore it can be 
> traced and you cannot forge it. Each IP number belongs to a range of IP 
> addresses (subnet) managed by a known authority. Each such authority has 
> received its IP range from yet another higher known authority etc. until you 
> reach the top (RIPE etc). Contrary to DNS names you cannot simply buy or 
> register an unrelated IP number and therefore IP numbers are much more 
> difficult to forge and easier to trace  than names.
> 
> ----- Original Message ----- 
> From: "Matt Kettler" <mk...@evi-inc.com>
> To: <mi...@mcarlson.net>; <us...@spamassassin.apache.org>
> Sent: Thursday, March 10, 2005 1:55 AM
> Subject: Re: Whitelist IP Address
> 
> > At 07:49 PM 3/9/2005, Mike Carlson wrote:
> >>How do you whitelist an IP address? I want to allow all email from a
> >>specific IP address to pass through the filter without being tagged as 
> >>spam.
> >>
> >>I added all 4 IP addresses of the server to the trusted networks list,
> >>but that didnt seem to do it.
> >
> > Pretty much the only way I know of is to make a custom header rule that 
> > looks for a Received: header that came from that IP.
> >
> > __________ NOD32 1.1022 (20050309) Information __________
> >
> > This message was checked by NOD32 antivirus system.
> >  part000.txt - is OK
> >
> > http://www.nod32.com
> >
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Exmh CVS

iD8DBQFCMItkMJF5cimLx9ARAvnsAJsGHNAJUTTZaqgu50i1VX9bG1D1nACffpMU
Ub0TaNoujfBcyNeELMybNng=
=hx/7
-----END PGP SIGNATURE-----