You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by us...@eurower.com on 2007/08/24 13:46:10 UTC
Combine whitelist_to and whitelist_from
Invoke method : UsedViaProcmail
Version : 3.1.9 (2007-02-13)
Platform : Linux Fedora 2.6.20-1.2925.fc6
Hello,
imagin a newsletters or order mail sent by an seller website with the
from address : *@sellermail.com
I have in my mail system an address like sellermail.com@mydomain.com
With that, I can trace where my emails are sent in order to trace spam
and site that sell my email.
So, only *@sellermail.com can send me mail on
sellermail.com@mydomain.com (theorical)
The problem is that on a mailing list, the sellermail.com@mydomain.com
is used by spamer and they send me spam on sellermail.com@mydomain.com.
Is it possible to combine whitelist_from and whitelist_to in order to
tag "no spam" mails with 2 conditions :
whitelist_from *@sellermail.com AND whitelist_to
sellermail.com@mydomain.com OK
So, if a spammer i_am_spam@spam.com send me a mail on
sellermail.com@mydomain.com, the second conditions will be OK but not
the first and spamassassin will considere it as spam !
Thank you for your help ...
Yves
Re: Combine whitelist_to and whitelist_from
Posted by us...@eurower.com.
users-spamassassin@eurower.com a écrit :
> Matus UHLAR - fantomas a écrit :
>> On 24.08.07 13:46, users-spamassassin@eurower.com wrote:
>>
>>> imagin a newsletters or order mail sent by an seller website with
>>> the from address : *@sellermail.com
>>> I have in my mail system an address like sellermail.com@mydomain.com
>>>
>>> With that, I can trace where my emails are sent in order to trace
>>> spam and site that sell my email.
>>> So, only *@sellermail.com can send me mail on
>>> sellermail.com@mydomain.com (theorical)
>>>
>>> The problem is that on a mailing list, the
>>> sellermail.com@mydomain.com is used by spamer and they send me spam
>>> on sellermail.com@mydomain.com.
>>>
>>> Is it possible to combine whitelist_from and whitelist_to in order
>>> to tag "no spam" mails with 2 conditions :
>>> whitelist_from *@sellermail.com AND whitelist_to
>>> sellermail.com@mydomain.com OK
>>>
>>> So, if a spammer i_am_spam@spam.com send me a mail on
>>> sellermail.com@mydomain.com, the second conditions will be OK but
>>> not the first and spamassassin will considere it as spam !
>>>
>>
>> the from address can be as easily faked as the to address. I have
>> seen on
>> this mailing list many reports from users whitelisting their own address
>> somehow and thus getting false positives.
>>
>> What you are searching for, is whitelist_from_rcvd which combined from
>> address with address of mailserver the mail was received from, or
>> better,
>> whitelist_auth, if the outgoing domain supports SPF (sellermail.com does
>> not...)
>>
>> -- Matus UHLAR - fantomas,
>> uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to
>> receive
>> e-mail advertising to this address. Varovanie: na tuto adresu chcem
>> NEDOSTAVAT akukolvek reklamnu postu. Your mouse has moved. Windows NT
>> will
>> now restart for changes to take to take effect. [OK]
>>
> Hummm, thanks,
>
> I saw that and try but severals website send for example :
>
> *@sellermail.com send a mail to me on sellermail.com@mydomain.com from
> the provider.com or webhosted.com that are internet or server hosted
> provider.
>
> The probleme in this case is that type of seller can change their sender
> server. Meanwhile, it won't change the from or or to address (rarely).
> So the from and to combinated are best that test on headers rcvd (for
> me) ....
>
> Yves
>
>
>
Re: Combine whitelist_to and whitelist_from
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
On 24.08.07 13:46, users-spamassassin@eurower.com wrote:
> imagin a newsletters or order mail sent by an seller website with the
> from address : *@sellermail.com
> I have in my mail system an address like sellermail.com@mydomain.com
>
> With that, I can trace where my emails are sent in order to trace spam
> and site that sell my email.
> So, only *@sellermail.com can send me mail on
> sellermail.com@mydomain.com (theorical)
>
> The problem is that on a mailing list, the sellermail.com@mydomain.com
> is used by spamer and they send me spam on sellermail.com@mydomain.com.
>
> Is it possible to combine whitelist_from and whitelist_to in order to
> tag "no spam" mails with 2 conditions :
> whitelist_from *@sellermail.com AND whitelist_to
> sellermail.com@mydomain.com OK
>
> So, if a spammer i_am_spam@spam.com send me a mail on
> sellermail.com@mydomain.com, the second conditions will be OK but not
> the first and spamassassin will considere it as spam !
the from address can be as easily faked as the to address. I have seen on
this mailing list many reports from users whitelisting their own address
somehow and thus getting false positives.
What you are searching for, is whitelist_from_rcvd which combined from
address with address of mailserver the mail was received from, or better,
whitelist_auth, if the outgoing domain supports SPF (sellermail.com does
not...)
-- Matus UHLAR - fantomas,
uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive
e-mail advertising to this address. Varovanie: na tuto adresu chcem
NEDOSTAVAT akukolvek reklamnu postu. Your mouse has moved. Windows NT will
now restart for changes to take to take effect. [OK]