You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spamassassin.apache.org by Apache Wiki <wi...@apache.org> on 2006/10/05 10:03:08 UTC

[Spamassassin Wiki] Update of "WhitelistingEverybody" by MattKettler

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Spamassassin Wiki" for change notification.

The following page has been changed by MattKettler:
http://wiki.apache.org/spamassassin/WhitelistingEverybody

The comment on the change is:
Fixed misconception about trusted networks - matt kettler

------------------------------------------------------------------------------
  
  If you simply use 'whitelist_from', this is quite trivial for spammers to exploit, as it simply examines the From: headers of the mail.
  
+ Note: for either of the below to work, you must have your trusted networks set properly. See TrustPath for more details. That said, trusted_networks is NOT a whitelist mechanism in itself.
- (NEW) I think use of 'trusted_networks' is the easiest and best - In the form of
- trusted_networks ip.add.re.ss[/mask] ... (default: none) as documented [http://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_Conf.html#item_trusted_networks_ip_2eadd_2ere_2ess_5b_2fmask_5d__ here], e.g. trusted_networks 66.111.4.0/24
  
  One way is to use 'whitelist_from_rcvd', which requires a hostname appear in the headers as well.