You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Rick Knight <ri...@rlknight.com> on 2010/01/22 04:24:03 UTC
Whitelist on List-ID
I belong to several mailing lists and newsgroups. Messages from one
particular list is almost always marked as spam by spamassassin. I've
tried to whitelist this group but the from header matches the address of
the original message sender, not the group address. Is there a way to
whitelist on the List-ID header?
Thanks,
Rick
Re: Whitelist on List-ID
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
> Rick Knight <ri...@rlknight.com> writes:
>
> > -0.0 DKIM_VERIFIED Domain Keys Identified Mail: signature
> > passes verification
> > 0.0 DKIM_SIGNED Domain Keys Identified Mail: message has a
> > signature
On 23.01.10 15:46, Greg Troxel wrote:
> I supsect this isn't your issue, but I have been finding that DKIM
> signature often fail to validate on list mail, and I think it's becaues
> they cover Subject: and the lists munge subject. Thus DKIM detects the
> tampering...
Heh, another good reason NOT to modify subject by the list software. :)
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam is for losers who can't get business any other way.
Re: Whitelist on List-ID
Posted by Greg Troxel <gd...@ir.bbn.com>.
Rick Knight <ri...@rlknight.com> writes:
> -0.0 DKIM_VERIFIED Domain Keys Identified Mail: signature
> passes verification
> 0.0 DKIM_SIGNED Domain Keys Identified Mail: message has a
> signature
I supsect this isn't your issue, but I have been finding that DKIM
signature often fail to validate on list mail, and I think it's becaues
they cover Subject: and the lists munge subject. Thus DKIM detects the
tampering...
Re: Whitelist on List-ID
Posted by Rick Knight <ri...@rlknight.com>.
Mike Cardwell wrote:
> On 22/01/2010 04:05, Matt Kettler wrote:
>
>> Alex, if whitelist_from doesn't work, whitelist_from_rcvd won't either.
>> That's *more* restrictive, not less.
>>
>> Rick, if you've been using "users@spamassassin.apache.org" try using
>> *@spamassassin.apache.org instead. If you've got envelope FROM headers
>> added (ie: Return-Path), this should match them. The return-path for
>> this list is of the general format:
>>
>> users-return-86375-mkettler_sa=verizon.net@spamassassin.apache.org
>
> Don't forget "whitelist_from_spf" and "whitelist_from_dkim". If
> SPF/DKIM are available, you're better off using them than
> "whitelist_from" or even "whitelist_from_rcvd". Personally I use this
> to whitelist all Apache mailing lists, including the SpamAssassin one:
>
> whitelist_from_spf *@*.apache.org
>
I see this in the headers of all the messages from this group...
v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoogroups.com; s=lima;
t=1264217926; bh=NprgjkDjsJLd2QWQwGRr0PMcYicrF1nZOOdpX5Xpflo=;
h=Received:Received:X-Yahoo-Newman-Id:Received:Received:Received:DKIM-Signature:Received:Received:X-Sender:X-Apparently-To:X-Received:X-Received:X-Received:X-Received:X-Received:X-Received:X-Received:Message-ID:X-YMail-OSG:X-Received:X-Mailer:To:X-Originating-IP:X-eGroups-Msg-Info:From:X-Yahoo-Profile:X-eGroups-Approved-By:Sender:MIME-Version:Mailing-List:Delivered-To:List-Id:Precedence:List-Unsubscribe:Date:Subject:X-Yahoo-Newman-Property:Content-Type;
b=N+dKX5lx0vNHUqv2hWm+eCfGzHvChL6Jp8XYHO2uq/A+HJUct0oRgnpqlNiIkxXezOHEu6kgqJfR3gmyC5cQaM8oeksq9Lr+d+MQSdOS9n8ezVHIxtCYLHDqfAK2VoeU
and this in the SA report...
-0.0 DKIM_VERIFIED Domain Keys Identified Mail: signature
passes verification
0.0 DKIM_SIGNED Domain Keys Identified Mail: message has a
signature
so I've added
whitelist_from_dkim *@yahoogroups.com
to my local.cf. It didn't seem to make any difference. I do have dkim
checks enabled. Am I using this incorrectly?
Thanks,
Rick
Re: Whitelist on List-ID
Posted by Rick Knight <ri...@rlknight.com>.
Mike Cardwell wrote:
> On 22/01/2010 04:05, Matt Kettler wrote:
>
>> Alex, if whitelist_from doesn't work, whitelist_from_rcvd won't either.
>> That's *more* restrictive, not less.
>>
>> Rick, if you've been using "users@spamassassin.apache.org" try using
>> *@spamassassin.apache.org instead. If you've got envelope FROM headers
>> added (ie: Return-Path), this should match them. The return-path for
>> this list is of the general format:
>>
>> users-return-86375-mkettler_sa=verizon.net@spamassassin.apache.org
>
> Don't forget "whitelist_from_spf" and "whitelist_from_dkim". If
> SPF/DKIM are available, you're better off using them than
> "whitelist_from" or even "whitelist_from_rcvd". Personally I use this
> to whitelist all Apache mailing lists, including the SpamAssassin one:
>
> whitelist_from_spf *@*.apache.org
>
Thanks for all of the suggestions. I'm going to try
whitelist_from_dkim *@yahoogroups.com
I'll post back here with results.
Thanks again,
Rick
Re: Whitelist on List-ID
Posted by Mike Cardwell <sp...@lists.grepular.com>.
On 22/01/2010 04:05, Matt Kettler wrote:
> Alex, if whitelist_from doesn't work, whitelist_from_rcvd won't either.
> That's *more* restrictive, not less.
>
> Rick, if you've been using "users@spamassassin.apache.org" try using
> *@spamassassin.apache.org instead. If you've got envelope FROM headers
> added (ie: Return-Path), this should match them. The return-path for
> this list is of the general format:
>
> users-return-86375-mkettler_sa=verizon.net@spamassassin.apache.org
Don't forget "whitelist_from_spf" and "whitelist_from_dkim". If SPF/DKIM
are available, you're better off using them than "whitelist_from" or
even "whitelist_from_rcvd". Personally I use this to whitelist all
Apache mailing lists, including the SpamAssassin one:
whitelist_from_spf *@*.apache.org
--
Mike Cardwell : UK based IT Consultant, Perl developer, Linux admin
Cardwell IT Ltd. : UK Company - http://cardwellit.com/ #06920226
Technical Blog : Tech Blog - https://secure.grepular.com/
Spamalyser : Spam Tool - http://spamalyser.com/
Re: Whitelist on List-ID
Posted by Alex <my...@gmail.com>.
Hi,
>> Try whitelist_from_rcvd instead:
>>
>> http://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html
> Alex, if whitelist_from doesn't work, whitelist_from_rcvd won't either.
> That's *more* restrictive, not less.
Yes, good point, thanks. I didn't think he was using any of the
whitelist_from* because it's pretty simple to use and never heard of
someone having a problem.
> Rick, if you've been using "users@spamassassin.apache.org" try using
> *@spamassassin.apache.org instead. If you've got envelope FROM headers
> added (ie: Return-Path), this should match them. The return-path for
> this list is of the general format:
Maybe I misunderstood his problem?
I thought he was saying mail from the list was reaching him as "from:"
the subscriber, not the mailing list name itself, such as
users@spamassassin.apache.org.
> If that doesn't work I really would try to get your system to pass this
> info into the headers, as several rules can't work properly without it
> (ie: SPF). MDA layer processing in procmail and the like is rarely a
> problem, but MTA layer calls often occur before this is added. It is
> common for MTA layer integration tools to do this for you by adding a
> dummy Return-Path header, but if you've just added a spamc call directly
> into one of your MTA's config files, this problem usually shows.
I'm not having this problem, but can you explain how this might be
done with postfix? Perhaps off-topic, but as it relates to building a
proper rule with SA....
Thanks,
Alex
Re: Whitelist on List-ID
Posted by Matt Kettler <mk...@verizon.net>.
On 1/21/2010 10:46 PM, Alex wrote:
> Hi,
>
>
>> I belong to several mailing lists and newsgroups. Messages from one
>> particular list is almost always marked as spam by spamassassin. I've tried
>> to whitelist this group but the from header matches the address of the
>> original message sender, not the group address. Is there a way to whitelist
>> on the List-ID header?
>>
> Try whitelist_from_rcvd instead:
>
> http://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html
>
> Or create a header rule that subtracts 5 from the mail server for the
> mailing list:
>
> header MY_MAILLIST Received =~ /.mailserver.com/
>
> Regards,
> Alex
>
>
Alex, if whitelist_from doesn't work, whitelist_from_rcvd won't either.
That's *more* restrictive, not less.
Rick, if you've been using "users@spamassassin.apache.org" try using
*@spamassassin.apache.org instead. If you've got envelope FROM headers
added (ie: Return-Path), this should match them. The return-path for
this list is of the general format:
users-return-86375-mkettler_sa=verizon.net@spamassassin.apache.org
If that doesn't work I really would try to get your system to pass this
info into the headers, as several rules can't work properly without it
(ie: SPF). MDA layer processing in procmail and the like is rarely a
problem, but MTA layer calls often occur before this is added. It is
common for MTA layer integration tools to do this for you by adding a
dummy Return-Path header, but if you've just added a spamc call directly
into one of your MTA's config files, this problem usually shows.
Re: Whitelist on List-ID
Posted by Alex <my...@gmail.com>.
Hi,
> I belong to several mailing lists and newsgroups. Messages from one
> particular list is almost always marked as spam by spamassassin. I've tried
> to whitelist this group but the from header matches the address of the
> original message sender, not the group address. Is there a way to whitelist
> on the List-ID header?
Try whitelist_from_rcvd instead:
http://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html
Or create a header rule that subtracts 5 from the mail server for the
mailing list:
header MY_MAILLIST Received =~ /.mailserver.com/
Regards,
Alex
Re: Whitelist on List-ID
Posted by Johann Spies <js...@sun.ac.za>.
On Thu, Jan 21, 2010 at 09:08:05PM -0700, LuKreme wrote:
> You shouldn't be sending ANY mailinglists through SpamAssassin.
Why not? A lot of mailing lists are used by spammers.
Regards
Johann
--
Johann Spies Telefoon: 021-808 4599
Informasietegnologie, Universiteit van Stellenbosch
"He that giveth unto the poor shall not lack: but he
that hideth his eyes shall have many a curse."
Proverbs 28:27
Re: Whitelist on List-ID
Posted by LuKreme <kr...@kreme.com>.
On 21-Jan-2010, at 22:25, Benny Pedersen wrote:
> On Fri 22 Jan 2010 05:08:05 AM CET, LuKreme wrote
>
>> On Jan 21, 2010, at 20:24, Rick Knight <ri...@rlknight.com> wrote:
>>> I belong to several mailing lists and newsgroups. Messages from one particular list is almost always marked as spam by spamassassin.
>>
>> You shouldn't be sending ANY mailinglists through SpamAssassin.
>
> in my headers:
>
> X-ASF-Spam-Status: No,
I never said that a list should not filter its mail through SpamAssassin. the recipient should not be.
--
THERE WAS NO ROMAN GOD NAMED "FARTICUS"
Bart chalkboard Ep. 5F06
Re: Whitelist on List-ID
Posted by Benny Pedersen <me...@junc.org>.
On Fri 22 Jan 2010 05:08:05 AM CET, LuKreme wrote
> On Jan 21, 2010, at 20:24, Rick Knight <ri...@rlknight.com> wrote:
>> I belong to several mailing lists and newsgroups. Messages from one
>> particular list is almost always marked as spam by spamassassin.
>
> You shouldn't be sending ANY mailinglists through SpamAssassin.
in my headers:
X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS
X-Spam-Status: No, score=-11.577 tagged_above=-999 required=5
tests=[AWL=-0.477, BAYES_00=-2.599, MAILLISTS=-3.5, SPF_PASS=-0.001,
USER_IN_SPF_WHITELIST=-5] autolearn=no
in amavisd it could be nice if apache.org add dkim to the maillist
outgoing mails so atleast amavisd can drop spam check on this mails
from apache org :)
until then, one could make a spf shourtcicurit rule to stop based on
spf pass, i am just to laisy to make it
--
xpoint http://www.unicom.com/pw/reply-to-harmful.html
Re: [sa] Re: Whitelist on List-ID
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
> On 22.01.10 09:49, Charles Gregory wrote:
[...]
On 22.01.10 19:28, Matus UHLAR - fantomas wrote:
> Btw Have I already asked you for using something standard ('>') for quoting?
ops, I did, you did, just in another thread I read later. Sorry
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Support bacteria - they're the only culture some people have.
Re: Whitelist on List-ID
Posted by Charles Gregory <cg...@hwcn.org>.
On Fri, 22 Jan 2010, Matus UHLAR - fantomas wrote:
>> On Thu, 21 Jan 2010, LuKreme wrote:
>> : You shouldn't be sending ANY mailinglists through SpamAssassin.
> On 22.01.10 09:49, Charles Gregory wrote:
>> Say what? And how exactly do you propose to do that for hundreds of users,
>> any of whom could be subscribed to many different lists? Far too much for
>> any manual system (presuming you could even get the cooperation of users
>> who are mostly oblivious to our filtering efforts).
>>
>> If you are suggesting something automated, how would you suggest that I
>> identify legitimate mailing lists separate from spammer-faked 'mailing
>> lists'? X-List headers cannot be relied upon....
>
> I'd simply say: try to avoid feeding to SA mail from known/trusted
> lists/IPs... I think that's reasonable.
I didn't say it was a bad idea, I asked HOW it could be done for hundreds
of users, each with their own collection of 'trusted' sources, of which I
know nothing (and probably shouldn't due to privacy laws).
The only thing I can picture, technically, is a kind of auto-whitelist, or
a user-specified whitelist.
The former is subject to various pitfalls, as I've already experienced on
my system, and the latter, even though available to the user as a post-SA
filtering option, tends to get ignored by 95% of users. So the extra
effort to inject a per-user whitelist mechanism into the MTA would seem to
be a waste of time.
I'm all for 'reasonable' suggestions, but they really do need to be
'reasonable' in the context of the user base. :)
- Charles
Re: [sa] Re: Whitelist on List-ID
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
> On Thu, 21 Jan 2010, LuKreme wrote:
> : You shouldn't be sending ANY mailinglists through SpamAssassin.
On 22.01.10 09:49, Charles Gregory wrote:
> Say what? And how exactly do you propose to do that for hundreds of users,
> any of whom could be subscribed to many different lists? Far too much for
> any manual system (presuming you could even get the cooperation of users
> who are mostly oblivious to our filtering efforts).
>
> If you are suggesting something automated, how would you suggest that I
> identify legitimate mailing lists separate from spammer-faked 'mailing
> lists'? X-List headers cannot be relied upon....
I'd simply say: try to avoid feeding to SA mail from known/trusted
lists/IPs... I think that's reasonable.
Btw Have I already asked you for using something standard ('>') for quoting?
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes.
Re: [sa] Re: Whitelist on List-ID
Posted by Charles Gregory <cg...@hwcn.org>.
On Thu, 21 Jan 2010, LuKreme wrote:
: You shouldn't be sending ANY mailinglists through SpamAssassin.
Say what? And how exactly do you propose to do that for hundreds of users,
any of whom could be subscribed to many different lists? Far too much for
any manual system (presuming you could even get the cooperation of users
who are mostly oblivious to our filtering efforts).
If you are suggesting something automated, how would you suggest that I
identify legitimate mailing lists separate from spammer-faked 'mailing
lists'? X-List headers cannot be relied upon....
- C
Re: Whitelist on List-ID
Posted by LuKreme <kr...@kreme.com>.
On Jan 21, 2010, at 20:24, Rick Knight <ri...@rlknight.com> wrote:
> I belong to several mailing lists and newsgroups. Messages from one
> particular list is almost always marked as spam by spamassassin.
You shouldn't be sending ANY mailinglists through SpamAssassin.