Posted to users@spamassassin.apache.org by Robert Menschel <Ro...@Menschel.net> on 2005/07/28 05:44:45 UTC

Re[2]: SARE Whitelist candidate

Hello Andy,

Wednesday, July 27, 2005, 7:13:01 AM, you wrote:

AJ> Didn't know there was a SARE whitelist.

Discussed on this list a few months back, while experimenting with it
on my own system. Then announced it here when published, but otherwise
it's been quiet. Worth mentioning from time to time...

AJ> Here's another Fidelity E-Mail address we whitelist:
AJ> fidelityinvestments@fulfillmentconcepts.com

Thanks, but I need more than just the email address.  It's much, much
too easy for spammers to forge/fake an email address in their From
header.

We use the whitelist_from_rcvd directive instead,
> whitelist_from_rcvd  EmailAddress  ServerDomain

SpamAssassin identifies which Received headers are trusted (belong to
your system, or otherwise are trusted to pass you accurate information
about the upstream/sending server).  It compares the sending server in
the last of these against the ServerDomain parameter.

Only if both the email address pattern and the server domain match is
the email whitelisted.

Even if the spammer fakes the email address, and generates a bogus
Received header with the server domain, that received header will not
be trusted (it wasn't generated by your system), and therefore the
email won't be whitelisted in error.

If you can send me a copy of the email, or at least its full headers
(no need for any of the confidential information that might be in the
body), I can identify the correct server domain to include in the
directive.

Bob Menschel
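
The check described in the message above, as an added example that is not part of the original post and is not SpamAssassin's own code: a simplified Python model of why a forged Received header does not satisfy whitelist_from_rcvd. The header layout, the host names, the IP ranges and the TRUSTED_NETWORKS list (standing in for the trusted_networks setting) are assumptions constructed for illustration.

```python
import fnmatch
import ipaddress
import re

# Constructed values: all hosts and IPs use documentation-reserved names and ranges.
TRUSTED_NETWORKS = [ipaddress.ip_network("192.0.2.0/24")]  # our own mail servers
RECEIVED_RE = re.compile(r"from \S+ \((?P<rdns>\S+) \[(?P<ip>[0-9A-Fa-f.:]+)\]\)")

def handover_rdns(received):
    """Return the rDNS of the first relay outside our networks, as recorded
    by one of our own servers. `received` is ordered newest first."""
    for header in received:
        m = RECEIVED_RE.search(header)
        if m is None:
            return None  # unparseable header: stop rather than guess
        if not any(ipaddress.ip_address(m["ip"]) in net for net in TRUSTED_NETWORKS):
            return m["rdns"].lower()
        # The relay is ours, so the next header down was also written by us.
    return None

def whitelisted(from_addr, received, addr_glob, server_domain):
    """Both the address pattern and the handover relay's domain must match."""
    rdns = handover_rdns(received)
    if rdns is None:
        return False
    domain = server_domain.lower()
    addr_ok = fnmatch.fnmatchcase(from_addr.lower(), addr_glob.lower())
    return addr_ok and (rdns == domain or rdns.endswith("." + domain))

# Constructed sample: real sender hands the mail to our MX, which relays it inward.
GENUINE = [
    "Received: from mx-in.example.org (mx-in.example.org [192.0.2.10]) by store.example.org",
    "Received: from out1.sender.example (out1.sender.example [198.51.100.7]) by mx-in.example.org",
]
# Constructed sample: spammer connects from elsewhere and prepends a bogus header
# naming the whitelisted domain. Only the header our MX wrote is believed.
FORGED = [
    "Received: from mx-in.example.org (mx-in.example.org [192.0.2.10]) by store.example.org",
    "Received: from bulk (host-9.isp.example [203.0.113.9]) by mx-in.example.org",
    "Received: from out1.sender.example (out1.sender.example [198.51.100.7]) by relay.sender.example",
]

if __name__ == "__main__":
    for name, hdrs in (("genuine", GENUINE), ("forged", FORGED)):
        print(name, whitelisted("news@sender.example", hdrs, "*@sender.example", "sender.example"))
```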