Stefan Lambrev wrote:
Hello,
I noticed that after upgrading spamassassin to the latest (in ports)
version, manual whitelist is somehow broken.
In previous version spamassassin detects without a problem forged "From"
headers and even with "whitelist_from [EMAIL PROTECTED]"
mails that are spam got caught.
With the latest version of spamassassins the following example will not
be detected as spam:
>telnet mailserver-spamprotected.com 25
>helo somedomain.com
>mail from: [EMAIL PROTECTED]
>rcpt to: [EMAIL PROTECTED]
>data
From: [EMAIL PROTECTED]
some spam xxx.
.
>quit
In this case whitelist_from [EMAIL PROTECTED] is triggered,
and I'm pretty sure that wasn't a case in older versions of spamassassin.
Any ideas what is changed, and how I can restored the old behavior.
As far as I know, nothing has changed. What you are seeing is expected
behaviour.
"whitelist_from" should only be used as a last resort because it blindly
trusts the (alleged) envelope sender address. The documentation warns
about this:
<http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Conf.html#whitelist_and_blacklist_options>
Personally, I include the SPF plugin and use "whitelist_from_spf"
entries wherever possible. Failing that (if sending domain doesn't
publish SPF details) I use "whitelist_from_rcvd".
--
John Marshall
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"