Just to explain one more time, SpamAssassin applies a bunch of (mostly regular expression) tests against the headers and body of an email, driven off a list of 'rules' each of which has a certain 'score weight' attached (which can be plus or minus). At the end of the email it adds up the score and compares it to a threshhold which you have set in your .cf file, and if the threshhold is exceeded, it either flags, redirects, or drops the message, again according to your chosen config file.OK. Then explain something to me. How does SpamAssassin differentiate between a solicited bulk message and an unsolicited bulk message?
Given two otherwise identical messages, both originating from non-blackholed mail hosts (since one of the optional tests is for blackholes), one "solicited" and the other "unsolicited," SpamAssassin would have no way to tell. (There is no such thing as an X-Solicited: header, and you can bet that if there were, it's the first thing spammers would include.)
As installed out of the box, SpamAssassin would most likely let BOTH messages through to your inbox unmolested. If you tune the scoring or the threshhold downward so that most bulk email is blocked (which some prefer to do), what you need to do is "whitelist" your chosen list memberships, so that, for example, [EMAIL PROTECTED] as the Sender is a -10 (or lower) score.
As a practical matter, it might be nice to have "on file" a list of howto's that allow your managed list to be whitelisted for the major antispam packages. Then when people ask, you are ready with a recipe.
