You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Robert Menschel <Ro...@Menschel.net> on 2005/05/26 06:19:43 UTC
[SARE] Whitelist.cf updated
Just a quick note that the SARE whitelist rules file has been updated.
Documentation at http://www.rulesemporium.com/rules.htm#whitelist
Bob Menschel
Re: [SARE] Whitelist.cf updated
Posted by Jeff Chan <je...@surbl.org>.
On Friday, May 27, 2005, 4:13:22 PM, Robert Menschel wrote:
> Hello Jeff,
> Friday, May 27, 2005, 1:06:46 AM, you wrote:
JC>> On Thursday, May 26, 2005, 5:58:02 PM, Robert Menschel wrote:
JC>>>> 2. Would they be appropriate to whitelist (i.e. exclude from
JC>>>> listing) in SURBLs?
>>> Unlikely, since the web sites mentioned in the emails are rarely the
>>> same as the From address or routing server. However, the primary web
>>> sites within those emails might be good candidates for the SURBL
>>> whitelist.
>>> Bob Menschel
JC>> Fair enough. You don't happen to have a list of those
JC>> corresponding websites do you? :-)
> Not readily handy, but if you can find me a few extra hours :-), I can
> scan my corpus and put together a partial list.
> Bob Menschel
> (and no, this holiday weekend doesn't count -- I'll be back at the
> office for a network change at 9:00 tonight, spending 4 hours
> Sat/Sun on an A/P archival program, another 4 on Sunday for G/L and
> physical inventories, and preparing Monday for major changes to our
> credit authorization system)
No rush, but if you can get them sometime that would be great!
:-)
Jeff C.
--
Jeff Chan
mailto:jeffc@surbl.org
http://www.surbl.org/
Re[2]: [SARE] Whitelist.cf updated
Posted by Robert Menschel <Ro...@Menschel.net>.
Hello Jeff,
Friday, May 27, 2005, 1:06:46 AM, you wrote:
JC> On Thursday, May 26, 2005, 5:58:02 PM, Robert Menschel wrote:
JC>>> 2. Would they be appropriate to whitelist (i.e. exclude from
JC>>> listing) in SURBLs?
>> Unlikely, since the web sites mentioned in the emails are rarely the
>> same as the From address or routing server. However, the primary web
>> sites within those emails might be good candidates for the SURBL
>> whitelist.
>> Bob Menschel
JC> Fair enough. You don't happen to have a list of those
JC> corresponding websites do you? :-)
Not readily handy, but if you can find me a few extra hours :-), I can
scan my corpus and put together a partial list.
Bob Menschel
(and no, this holiday weekend doesn't count -- I'll be back at the
office for a network change at 9:00 tonight, spending 4 hours
Sat/Sun on an A/P archival program, another 4 on Sunday for G/L and
physical inventories, and preparing Monday for major changes to our
credit authorization system)
Re: [SARE] Whitelist.cf updated
Posted by Jeff Chan <je...@surbl.org>.
On Thursday, May 26, 2005, 5:58:02 PM, Robert Menschel wrote:
JC>> 2. Would they be appropriate to whitelist (i.e. exclude from
JC>> listing) in SURBLs?
> Unlikely, since the web sites mentioned in the emails are rarely the
> same as the From address or routing server. However, the primary web
> sites within those emails might be good candidates for the SURBL
> whitelist.
> Bob Menschel
Fair enough. You don't happen to have a list of those
corresponding websites do you? :-)
Jeff C.
--
Jeff Chan
mailto:jeffc@surbl.org
http://www.surbl.org/
Re[2]: [SARE] Whitelist.cf updated
Posted by Robert Menschel <Ro...@Menschel.net>.
Hello Jeff,
Wednesday, May 25, 2005, 10:42:57 PM, you wrote:
JC> On Wednesday, May 25, 2005, 9:19:43 PM, Robert Menschel wrote:
>> Just a quick note that the SARE whitelist rules file has been updated.
>> Documentation at http://www.rulesemporium.com/rules.htm#whitelist
>> Bob Menschel
JC> A couple questions:
JC> 1. Are these envelope senders or URI domains?
Envelope senders. Whitelist runs against the From address and the
first trusted Received header recording which external system the
email comes from to reach your system.
JC> 2. Would they be appropriate to whitelist (i.e. exclude from
JC> listing) in SURBLs?
Unlikely, since the web sites mentioned in the emails are rarely the
same as the From address or routing server. However, the primary web
sites within those emails might be good candidates for the SURBL
whitelist.
Bob Menschel
Re: [SARE] Whitelist.cf updated
Posted by Jeff Chan <je...@surbl.org>.
On Wednesday, May 25, 2005, 9:19:43 PM, Robert Menschel wrote:
> Just a quick note that the SARE whitelist rules file has been updated.
> Documentation at http://www.rulesemporium.com/rules.htm#whitelist
> Bob Menschel
A couple questions:
1. Are these envelope senders or URI domains?
2. Would they be appropriate to whitelist (i.e. exclude from
listing) in SURBLs?
The description makes the data look pretty sender-ish:
# It uses the whitelist_from_rcvd directive, which takes two
parameters: a glob-style pattern matching the
# From address used, and the domain from which these items are
emailed. This domain is compared against the
# Received header which documents passage of the email from
outside your local network to inside your local network,
# in other words the only external Received header that you can
trust. If that domain name and the from email
# address matches these two items, then the email is whitelisted.
Jeff C.
--
Jeff Chan
mailto:jeffc@surbl.org
http://www.surbl.org/
[SARE] obfu.cf, specific.cf updated
Posted by Robert Menschel <Ro...@Menschel.net>.
Just a quick note that the SARE specific.cf and obfu.cf rules files
have been updated.
Documentation at http://www.rulesemporium.com/rules.htm#specific and
http://www.rulesemporium.com/rules.htm#obfu
Updates to specific.cf are minor.
Updates to obfu.cf include 36 new rules, including several for href
obfuscation and table obfuscation,
Bob Menschel