You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2004/06/08 19:07:06 UTC

[Bug 3487] New: Whitelist enhancement for SPF

http://bugzilla.spamassassin.org/show_bug.cgi?id=3487

           Summary: Whitelist enhancement for SPF
           Product: Spamassassin
           Version: SVN Trunk (Latest Devel Version)
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: spamassassin
        AssignedTo: spamassassin-dev@incubator.apache.org
        ReportedBy: tony@seacow.net


SPF only checks the from envelope and allows the From: header to be forged, but
whitelist_from relies on the From: header.  Can we add the features
"whitelist_envelope_from" and "blacklist_envelope_from" that will be based on
the from envelope instead of the From: header?  This will allow whitelisting and
blacklisting on SPF validated addresses.  Is there a disadvantage to using the
from envelope for whitelisting?



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Re: [Bug 3487] New: Whitelist enhancement for SPF

Posted by Loren Wilton <lw...@earthlink.net>.

> Can we add the features
> "whitelist_envelope_from" and "blacklist_envelope_from" that will be based
on
> the from envelope instead of the From: header?

Would it maybe be better to keep the rulename the same, and just change the
code to use the envelope-from in preference to from: if it is available?  I
can't see a lot of value to maintaining a whitelist rule that used a known
forgable field when it might be able to use a better one instead.

Maintaining the existing rule names but changing the code to use the
envelope from if available means that existing rulesets will still "just
work", only better (if the info is available.)

        Loren