You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Justin Mason <jm...@jmason.org> on 2005/03/10 19:01:08 UTC
Re: Whitelist IP Address
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It's extremely trivial to add as a normal regexp rule:
header MY_WHITELIST_1 Received =~ /\[111.222.11.22\]/
score MY_WHITELIST_1 -5
That's the main reason we haven't added it yet ;)
- --j.
Mikael Hakman writes:
> Wouldn't you all agree that blocking or letting through emails sent from or
> relayed by specified IP addresses and subnets is quite a basic
> functionality? In a sense it is more basic than doing the same with DNS
> names and SMTP addresses because all those names ultimately resolve to IP
> numbers. All communication (routing) on the Internet is done by numbers not
> by names.
>
> Then why can't we have such a generic rule built-in into SA? Creating custom
> header rules is ok as long as you want to recognize particular IP host
> addresses and subnets with IP ranges on whole byte boundary. In the general
> case however you have to do bitwise AND between address from SMTP header and
> a subnet mask and compare the result to the result of doing bitwise AND
> between subnet address and the same subnet mask. AFAIK this is not possible
> to do in SA custom header rules unless you find a way to express this as a
> Perl regular expression for pattern matching. Then why can't we have a
> test/rule, say, WHITELIST_NUMERIC_IP and BLACKLIST_NUMERIC_IP that take IP
> number and subnet mask as arguments and does this double AND operation and
> comparison against each IP number from Received headers?
>
> To all who do not understand why so many people want to work with IP numbers
> rather than with DSN names or SMTP addresses:
>
> When an SMTP server receives email it knows IP number of the sender (relay).
> It knows it from IP packet header source IP address. This number is
> independent of what sender's SMTP server says he is. This is because both
> SMTP and the underlying TCP require sending IP packets in both directions
> for this reception process to succeed. Therefore at the time an SMTP server
> receives email from an IP then it knows that this IP is real, it exists, and
> is world-reachable through the global routing system. Therefore it can be
> traced and you cannot forge it. Each IP number belongs to a range of IP
> addresses (subnet) managed by a known authority. Each such authority has
> received its IP range from yet another higher known authority etc. until you
> reach the top (RIPE etc). Contrary to DNS names you cannot simply buy or
> register an unrelated IP number and therefore IP numbers are much more
> difficult to forge and easier to trace than names.
>
> ----- Original Message -----
> From: "Matt Kettler" <mk...@evi-inc.com>
> To: <mi...@mcarlson.net>; <us...@spamassassin.apache.org>
> Sent: Thursday, March 10, 2005 1:55 AM
> Subject: Re: Whitelist IP Address
>
> > At 07:49 PM 3/9/2005, Mike Carlson wrote:
> >>How do you whitelist an IP address? I want to allow all email from a
> >>specific IP address to pass through the filter without being tagged as
> >>spam.
> >>
> >>I added all 4 IP addresses of the server to the trusted networks list,
> >>but that didnt seem to do it.
> >
> > Pretty much the only way I know of is to make a custom header rule that
> > looks for a Received: header that came from that IP.
> >
> > __________ NOD32 1.1022 (20050309) Information __________
> >
> > This message was checked by NOD32 antivirus system.
> > part000.txt - is OK
> >
> > http://www.nod32.com
> >
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFCMItkMJF5cimLx9ARAvnsAJsGHNAJUTTZaqgu50i1VX9bG1D1nACffpMU
Ub0TaNoujfBcyNeELMybNng=
=hx/7
-----END PGP SIGNATURE-----