-------- Original-Nachricht --------
> Datum: Fri, 27 Jun 2008 14:34:28 +0200
> Von: Bonnetot Jean-Daniel <[EMAIL PROTECTED]>
> An: [email protected]
> Betreff: Re: [dspam-users] How to force whitelisting ?
>
> I am the only one which asking how to force whitelisting ?
>
Looks like. Anyway... you could force whitelisting by directly incrementing the
whitelist token in the storage. For example in MySQL you could do this (I echo
the SQL statement, but I think you get the point).
Assuming the DSPAM user id where you want to force whitelist token is 4.
Assuming the message you want to extract the From header is in /tmp/test.msg.
Assuming you need 10 innocent hits for getting a From header line to be
whitelisted, then something like this below would print out the SQL statement
you need to execute in order to get that particular From line whitelisted:
_dspam_user_id="4";
_message="/tmp/test.msg";
_from_token="$(dspam_crc "$(sed '/^$/q;' ${_message} | sed -n 's:^\(From\)\:[\t
]*\(.*\):\1*\2:gIp')" | sed 's:^.*CRC\:[\t ]*\([0-9]*\)[\t ]*$:\1:')";
echo "INSERT INTO \`dspam_token_data\` (\`uid\`, \`token\`, \`spam_hits\`,
\`innocent_hits\`, \`last_hit\`) VALUES (${_dspam_user_id}, '${_from_token}',
0, 10, NOW()) ON DUPLICATE KEY UPDATE innocent_hits=innocent_hits+10,
last_hit=NOW();"
If you want to have a huge bias towards whitelisting for that token/user, then
increase the innocent counter by 1'000 or even more.
I want to emphasise that this is a hack and that you are polluting your
statistical data with the above mentioned method. DSPAM is not made for such
hacks. Probably better would be to completely ignore DSPAM on the MTA level for
the addresses you want to whitelist.
Keep in mind that DSPAM calculates the CRC/token on the whole From header line.
And it is CaSeSenSiTiVe! :)
As you see below, all the different From lines for the same sender produce
different tokens:
From: Bonnetot Jean-Daniel <[EMAIL PROTECTED]>
TOKEN: 'From*Bonnetot Jean-Daniel <[EMAIL PROTECTED]>' CRC:
12604099113258623031
From: Jean-Daniel Bonnetot <[EMAIL PROTECTED]>
TOKEN: 'From*Jean-Daniel Bonnetot <[EMAIL PROTECTED]>' CRC:
14562488709064319461
From: Bonnetot Jean-Daniel <[EMAIL PROTECTED]>
TOKEN: 'From*Bonnetot Jean-Daniel <[EMAIL PROTECTED]>' CRC:
12594531299795796023
From: Bonnetot Jean-Daniel <[EMAIL PROTECTED]>
TOKEN: 'From*Bonnetot Jean-Daniel <[EMAIL PROTECTED]>' CRC:
12609785709371195447
From: <[EMAIL PROTECTED]>
TOKEN: 'From*<[EMAIL PROTECTED]>' CRC: 8608927262636099104
From: [EMAIL PROTECTED]
TOKEN: '[EMAIL PROTECTED]' CRC: 5384785331067481214
Keep as well in mind, that the above command just increased the innocent hit on
the whitelist token but did not update the statistics for the user in question.
From a statistical viewpoint this is not so super good (depending on how much
weight you want to give to the whitelist token).
Best approach for forcing whitelisting would be to modify DSPAM to allow
whitelisting from the command line with parameters. This approach would ensure
that all the different storage backends would be able to get updated
whitelisting. But I don't think that it would be a wise idea to go that path (I
mean the forced whitelisting).
Do others on the list see a huge benefit if we would have forced whitelisting
possibility from the command line?
BTW: DSPAM does not have domain whitelisting possibility. Would however not be
a ultra huge development task to get that implemented in DSPAM.
// Steve
> --
> .`'`. BONNETOT Jean-Daniel
> : ': :
> `. ` .` PRIVIANET
> `'` Sys & Net Admin
>
>
> Mon, 23 Jun 2008 12:58:07 +0200, Bonnetot Jean-Daniel :
> [dspam-users] How to force whitelisting ?
> > Hello,
> >
> > Do you know how to force whitelisting ?
> >
> > I have a solution but it is tinkering...
> >
> > For a mail where "From" have to be whitelisted for "To" users.
> > ex :
> > From: Someone <[EMAIL PROTECTED]>
> > To: Otherone <[EMAIL PROTECTED]>
> > -----
> > i=0
> > while [ $i -lt 20 ];
> > do let "i += 1"
> > echo -e "From: Someone <[EMAIL PROTECTED]>\n\n" | dspam --user \
> > [EMAIL PROTECTED] --source=inoculation --stdout \
> > --deliver=innocent,spam --class=innocent
> > done
> > -----
> >
> > The result is :
> >
> > Before : $> echo -e "From: [EMAIL PROTECTED]" | dspam --user \
> > [EMAIL PROTECTED] --stdout --deliver=innocent,spam --classify
> > X-DSPAM-Result: [EMAIL PROTECTED]; result="Innocent";
> > class="Innocent"; probability=0.1649; confidence=1.00; signature=N/A
> >
> > After : $> echo -e "From: [EMAIL PROTECTED]" | dspam --user \
> > [EMAIL PROTECTED] --stdout --deliver=innocent,spam --classify
> > X-DSPAM-Result: [EMAIL PROTECTED]; result="Innocent";
> > class="Whitelisted"; probability=0.0000; confidence=0.99;
> > signature=N/A
> >
> > As you can see, class become "Whitelisted".
> > Does anyone have a better solution to whiteliste ? Do you know if
> > DSPAM support domain whitelisting ? (every mail from xxxxxx.com would
> > be whitelisted for someone)
> >
> > Thanks
> >
> > --
> > .`'`. BONNETOT Jean-Daniel
> > : ': :
> > `. ` .` PRIVIANET
> > `'` Sys & Net Admin
> >
> >
> >
> >
> >
> >
> >
>
>
>
>
--
Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten
Browser-Versionen downloaden: http://www.gmx.net/de/go/browser
!DSPAM:1011,4865633b150921394910710!
