You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Sergei <se...@publicschoolworks.com> on 2011/04/18 20:44:52 UTC
whitelist
Hello everybody,
I can't figure out why even after I put an address into a whitelist
(whitelist_from), it's still marked as SPAM. Sorry if this is a common
question. Would be grateful for any suggestions.
Thanks,
Sergei
Re: whitelist
Posted by Sergei <se...@publicschoolworks.com>.
Thanks for a quick reply. Here are the headers (I've replaced the sender's user id with SOMEUSER):
Received: from [127.0.0.1] (helo=silent.office.publicschoolworks.com)
by dev.publicschoolworks.com with esmtp (Exim 4.71)
(envelope-from <SO...@mail.ru>)
id 1QBrsv-0005FR-R2
for sergei@localhost; Mon, 18 Apr 2011 13:05:13 -0400
Received: from 64.18.218.22 [64.18.218.22]
by silent.office.publicschoolworks.com with POP3 (fetchmail-6.3.9-rc2)
for <se...@localhost> (single-drop); Mon, 18 Apr 2011 13:05:13 -0400 (EDT)
Received: from [217.69.129.68] (helo=f9.mail.ru)
by publicschoolworks.com with esmtp (Exim 4.73)
(envelope-from <SO...@mail.ru>)
id 1QBrrx-0007Ui-Ey
for sergei@publicschoolworks.com; Mon, 18 Apr 2011 13:04:13 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mail.ru; s=mail;
h=Message-Id:Content-Transfer-Encoding:Content-Type:Reply-To:In-Reply-To:References:Date:Mime-Version:To:From;
+bh=Wj3bf777uBMhFh4gXD8aW8FRJbmnzVaxNz55aqRK6O4=;
b=hgCB+/VxNs1WA+F7YbZ2WL2EWDNtHc3nufO5Wt1IAyyvX2NMxXtolvooMm40QIK7VWCz9FBydC5ac1lbaHBisBDIk5Obs4yQ+CoF1IQxVTJcfs1hMs2sb5wYBME9L9Ss;
Received: from mail by f9.mail.ru with local
id 1QBrpH-0005WZ-00
for sergei@publicschoolworks.com; Mon, 18 Apr 2011 21:01:27 +0400
Received: from [92.113.60.56] by e.mail.ru with HTTP;
Mon, 18 Apr 2011 21:01:27 +0400
From: SOMEUSER_FIRST_NAME SOMEUSER_LAST_NAME <SO...@mail.ru>
To: Sergei Gerasenko <se...@publicschoolworks.com>
Mime-Version: 1.0
X-Mailer: mPOP Web-Mail 2.19
X-Originating-IP: [92.113.60.56]
Date: Mon, 18 Apr 2011 21:01:27 +0400
References: <E1...@f238.mail.ru> <E1...@f271.mail.ru> <20...@localhost>
In-Reply-To: <20...@localhost>
Reply-To: SOMEUSER_FIRST_NAME SOMEUSER_LAST_NAME <SO...@mail.ru>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: base64
Message-Id: <E1...@f9.mail.ru>
X-Spam: Not detected
X-Mras: Ok
===========================
In my user_prefs:
whitelist_from SOMEUSER@mail.ru
whitelist_from_spf SOMEUSER@mail.ru
I did restart spamd.
Thanks!
Sergei
On Mon, Apr 18, 2011 at 02:48:05PM -0400, Michael Scheidell wrote:
> On 4/18/11 2:44 PM, Sergei wrote:
> >Hello everybody,
> >
> >I can't figure out why even after I put an address into a whitelist
> >(whitelist_from), it's still marked as SPAM. Sorry if this is a common
> >question. Would be grateful for any suggestions.
> >
> >Thanks,
> > Sergei
> need a LOT more info.
>
> post full headers (not email) and post the EXACT LINE YOU USED in local.cf
>
> you did restart spamd after, right?
>
>
>
> --
> Michael Scheidell, CTO
> o: 561-999-5000
> d: 561-948-2259
> ISN: 1259*1300
> >*| *SECNAP Network Security Corporation
>
> * Best Intrusion Prevention Product, Networks Product Guide
> * Certified SNORT Integrator
> * Hot Company Award, World Executive Alliance
> * Best in Email Security, 2010 Network Products Guide
> * King of Spam Filters, SC Magazine
>
> ______________________________________________________________________
> This email has been scanned and certified safe by SpammerTrap(r).
> For Information please see
> http://www.secnap.com/products/spammertrap/
> ______________________________________________________________________
Re: whitelist
Posted by Michael Scheidell <mi...@secnap.com>.
On 4/18/11 2:44 PM, Sergei wrote:
> Hello everybody,
>
> I can't figure out why even after I put an address into a whitelist
> (whitelist_from), it's still marked as SPAM. Sorry if this is a common
> question. Would be grateful for any suggestions.
>
> Thanks,
> Sergei
need a LOT more info.
post full headers (not email) and post the EXACT LINE YOU USED in local.cf
you did restart spamd after, right?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
>*| *SECNAP Network Security Corporation
* Best Intrusion Prevention Product, Networks Product Guide
* Certified SNORT Integrator
* Hot Company Award, World Executive Alliance
* Best in Email Security, 2010 Network Products Guide
* King of Spam Filters, SC Magazine
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
Re: whitelist
Posted by Daniel McDonald <da...@austinenergy.com>.
On 4/18/11 1:44 PM, "Sergei" <se...@publicschoolworks.com> wrote:
> Hello everybody,
>
> I can't figure out why even after I put an address into a whitelist
> (whitelist_from), it's still marked as SPAM. Sorry if this is a common
> question. Would be grateful for any suggestions.
The simple suggestions:
1. Are you certain your whitelist matches the envelop sender address?
2. Did you restart spamd/amavisd/whatever daemonized process was running
after updating the rules?
The usual suggestions:
1. Whitelist_from is very dangerous, because it is so easy to spoof. You
should use whitelist_from_dkim, whitelist_from_spf, or
whitelist_from_received (in descending order of trust) instead.
>
> Thanks,
> Sergei
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281