Re: [Mimedefang] score USER_IN_WHITELIST_TO
On 22 Nov 2017, at 16:39 (-0500), Kris Deugau wrote: [...] Right, sorry, I forgot about those kind of cases (even in the man page IIRC). I've always excluded those by just not passing their mail to SA - either because of some magic in my MIMEDefang setup, or by disabling the call to SA at final delivery to a mailbox. You can set the score for this the same as any other rule, by adding this to sa-mimedefang.cf: score USER_IN_WHITELIST_TO -100 Note that this affects *all* whitelist_to entries; there is no way to selectively set a different score for each one. If you need to do that, you probably need to make larger changes in the mail flow for those recipients so you can bypass SA entirely, or process it but deliver as usual instead of quarantining for those recipients. Not wanting to seem argumentative for its own sake or turn this into, but this is from one of my local config files: # Default is -6 but this is a more useful value score USER_IN_WHITELIST_TO -3 # Default is -20 but that's too much for most exposed accounts score USER_IN_MORE_SPAM_TO -10.000 # Default is -100 but "all" really shouldn't extend that far. There are limits... score USER_IN_ALL_SPAM_TO -40.000 Because as 'perldoc Mail::SpamAssassin::Conf' explains: There are three levels of To-whitelisting, "whitelist_to", "more_spam_to" and "all_spam_to". Users in the first level may still get some spammish mails blocked, but users in "all_spam_to" should never get mail blocked. I use this to both protect role addresses and (in conjunction with Postfix config) to provide users with multiple flavors of tagged addresses that get different levels of protection from my draconian local SA rules and the local DNSBL (not queryable from outside although idiots do try) which lists space used by a whole lot of perfectly innocent people (literally billions) and more than a few part-time miscreants (e.g. SendGrid, MailChimp, etc.) -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Currently Seeking Steady Work: https://linkedin.com/in/billcole ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] score USER_IN_WHITELIST_TO
Marcus Schopen wrote: Am Dienstag, den 21.11.2017, 10:32 -0500 schrieb Bill Cole: On 20 Nov 2017, at 16:41 (-0500), Kris Deugau wrote: USER_IN_WHITELIST_TO applies to all mail for a given recipient; IMO it's a crude hack to work around cases where whatever is calling SA can't use the SA userprefs system to just change the threshold instead. It is very useful for protecting role aliases (e.g. abuse, postmaster) that are mapped to targets (e.g. root or an off-system address) that should not generally be left unprotected. This is what I want to use it for: postmaster@ and abuse@ Right, sorry, I forgot about those kind of cases (even in the man page IIRC). I've always excluded those by just not passing their mail to SA - either because of some magic in my MIMEDefang setup, or by disabling the call to SA at final delivery to a mailbox. You can set the score for this the same as any other rule, by adding this to sa-mimedefang.cf: score USER_IN_WHITELIST_TO -100 Note that this affects *all* whitelist_to entries; there is no way to selectively set a different score for each one. If you need to do that, you probably need to make larger changes in the mail flow for those recipients so you can bypass SA entirely, or process it but deliver as usual instead of quarantining for those recipients. -kgd ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] score USER_IN_WHITELIST_TO
Am Dienstag, den 21.11.2017, 10:32 -0500 schrieb Bill Cole: > On 20 Nov 2017, at 16:41 (-0500), Kris Deugau wrote: > > > USER_IN_WHITELIST_TO applies to all mail for a given recipient; IMO > > it's a crude hack to work around cases where whatever is calling SA > > can't use the SA userprefs system to just change the threshold > > instead. > > It is very useful for protecting role aliases (e.g. abuse, postmaster) > that are mapped to targets (e.g. root or an off-system address) that > should not generally be left unprotected. This is what I want to use it for: postmaster@ and abuse@ Ciao! ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] score USER_IN_WHITELIST_TO
On 20 Nov 2017, at 16:41 (-0500), Kris Deugau wrote: USER_IN_WHITELIST_TO applies to all mail for a given recipient; IMO it's a crude hack to work around cases where whatever is calling SA can't use the SA userprefs system to just change the threshold instead. It is very useful for protecting role aliases (e.g. abuse, postmaster) that are mapped to targets (e.g. root or an off-system address) that should not generally be left unprotected. It also is useful to allow end users to create ad hoc tagged addresses on the fly that get more lenient treatment without needing to create any per-address config on the server. If the tag (or in some cases, the whole local-part for a 1-user virtual domain) matches a specific pattern, it is given a pass round the insane local blacklist and a SpamAssassin bonus. Users can kill a particular tagged address by moving mail to that address into a special IMAP mailbox. This is far simpler than training users to manage a user_prefs file or database record. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Currently Seeking Steady Work: https://linkedin.com/in/billcole ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] score USER_IN_WHITELIST_TO
Marcus Schopen wrote: Hi, setting whitelist_to in sa-mimedefang.cf seems to hit score USER_IN_WHITELIST_TO -6.0 # they want some spam spamassassin score, so the score is reduced by a value of 6.0. How do I hit the -100 score score USER_IN_WHITELIST-100.0 using sa-mimedefang.cf? USER_IN_WHITELIST is triggered by matching a whitelist_from (not recommended) or whitelist_from_rcvd entry. There are matching rules for DKIM (USER_IN_DKIM_WHITELIST) and SPF pass (USER_IN_SPF_WHITELIST) results based on whitelist_from_dkim, whitelist_from_spf, or whitelist_auth. None of these are based on the recipient; they are all based on the sender. USER_IN_WHITELIST_TO applies to all mail for a given recipient; IMO it's a crude hack to work around cases where whatever is calling SA can't use the SA userprefs system to just change the threshold instead. From MIMEDefang you also have the potential issue that a message may have more than one recipient; if you want to apply per-recipient policies you'll have to use stream_by_recipient to keep all the management in MIMEDefang. If you really want to apply a -100 score to a *recipient*, you're probably better off altering your MD call to SpamAssassin to just not pass mail for that recipient to SA in the first place. -kgd ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] score USER_IN_WHITELIST_TO
Hi, setting whitelist_to in sa-mimedefang.cf seems to hit score USER_IN_WHITELIST_TO -6.0 # they want some spam spamassassin score, so the score is reduced by a value of 6.0. How do I hit the -100 score score USER_IN_WHITELIST-100.0 using sa-mimedefang.cf? Ciao Marcus ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang