You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2009/06/05 20:59:29 UTC
[Bug 6125] Didn't catch 2 obvious spam violations
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6125
Karsten Bräckelmann <gu...@rudersport.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #1 from Karsten Bräckelmann <gu...@rudersport.de> 2009-06-05 11:59:28 PST ---
> From and To contained the same address.
This is a valid, commonly used approach when sending to a pure Bcc list and
does occur in ham. See various discussions in the list archives.
> While I have *@channel-islands-sw.com in my white list, I can change this as
> there are only 3 "real" e-mail addresses, however "sales@..." is one of them.
Do NOT use whitelist_from, but whitelist_from_rcvd with your own, outbound SMTP
servers. Spammers often use the target address as the sender, because
(a) it's an easy pass in case of mis-configuration and (b) a lot of MUAs then
display remote images, because the address is in the local address-book.
The plain whitelist_from must only be used as a (dangerous) last resort, if it
really is necessary to whitelist in the first place, and none of the other
variants (rcvd, auth, etc.) can be used.
The whitelist_from is a custom configuration.
> If I could set TO = REPLY TO to somehting more than 100, it would easily solve
> this problem, also, it VIAGRA (spelled correctly) was caught I could do the
> same. Both would void the white list entry.
Such a TO_EQ_REPLYTO rule /can/ be written using the pseudo ALL header and
multi-line matching. From memory it doesn't seem worthwhile to include it in
stock though, since this is a rarely used pattern and may occur in ham.
Scoring *anything* 100 is a very, very bad idea. And the reason to ask for this
in the first place is an unsafe whitelist. Fix that instead. :)
IMHO, this is not a bug but a local (mis-) configuration issue. Sorry.
Closing RESOLVED INVALID.
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.