subject:"\[Mimedefang\] score USER_IN_WHITELIST

Re: [Mimedefang] score USER_IN_WHITELIST_TO

2017-11-22 Thread Bill Cole


On 22 Nov 2017, at 16:39 (-0500), Kris Deugau wrote:
[...]
Right, sorry, I forgot about those kind of cases (even in the man page 
IIRC).  I've always excluded those by just not passing their mail to 
SA - either because of some magic in my MIMEDefang setup, or by 
disabling the call to SA at final delivery to a mailbox.


You can set the score for this the same as any other rule, by adding 
this to sa-mimedefang.cf:


score USER_IN_WHITELIST_TO  -100

Note that this affects *all* whitelist_to entries;  there is no way to 
selectively set a different score for each one.  If you need to do 
that, you probably need to make larger changes in the mail flow for 
those recipients so you can bypass SA entirely, or process it but 
deliver as usual instead of quarantining for those recipients.


Not wanting to seem argumentative for its own sake or turn this into 
, but this is from one of my local config 
files:


# Default is -6 but this is a more useful value
score USER_IN_WHITELIST_TO -3
# Default is -20 but that's too much for most exposed accounts
score USER_IN_MORE_SPAM_TO -10.000
# Default is -100 but "all" really shouldn't extend that far. There are 
limits...

score USER_IN_ALL_SPAM_TO -40.000

Because as 'perldoc  Mail::SpamAssassin::Conf' explains:

   There are three levels of To-whitelisting, "whitelist_to",
   "more_spam_to" and "all_spam_to". Users in the first level may
   still get some spammish mails blocked, but users in "all_spam_to"
   should never get mail blocked.

I use this to both protect role addresses and (in conjunction with 
Postfix config) to provide users with multiple flavors of tagged 
addresses that get different levels of protection from my draconian 
local SA rules and the local DNSBL (not queryable from outside although 
idiots do try) which lists space used by a whole lot of perfectly 
innocent people (literally billions) and more than a few part-time 
miscreants (e.g. SendGrid, MailChimp, etc.)



--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] score USER_IN_WHITELIST_TO

2017-11-22 Thread Kris Deugau


Marcus Schopen wrote:

Am Dienstag, den 21.11.2017, 10:32 -0500 schrieb Bill Cole:

On 20 Nov 2017, at 16:41 (-0500), Kris Deugau wrote:


USER_IN_WHITELIST_TO applies to all mail for a given recipient;  IMO
it's a crude hack to work around cases where whatever is calling SA
can't use the SA userprefs system to just change the threshold
instead.


It is very useful for protecting role aliases (e.g. abuse, postmaster)
that are mapped to targets (e.g. root or an off-system address) that
should not generally be left unprotected.


This is what I want to use it for: postmaster@ and abuse@


Right, sorry, I forgot about those kind of cases (even in the man page 
IIRC).  I've always excluded those by just not passing their mail to SA 
- either because of some magic in my MIMEDefang setup, or by disabling 
the call to SA at final delivery to a mailbox.


You can set the score for this the same as any other rule, by adding 
this to sa-mimedefang.cf:


score USER_IN_WHITELIST_TO  -100

Note that this affects *all* whitelist_to entries;  there is no way to 
selectively set a different score for each one.  If you need to do that, 
you probably need to make larger changes in the mail flow for those 
recipients so you can bypass SA entirely, or process it but deliver as 
usual instead of quarantining for those recipients.


-kgd
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] score USER_IN_WHITELIST_TO

2017-11-22 Thread Marcus Schopen

Am Dienstag, den 21.11.2017, 10:32 -0500 schrieb Bill Cole:
> On 20 Nov 2017, at 16:41 (-0500), Kris Deugau wrote:
> 
> > USER_IN_WHITELIST_TO applies to all mail for a given recipient;  IMO 
> > it's a crude hack to work around cases where whatever is calling SA 
> > can't use the SA userprefs system to just change the threshold 
> > instead.
> 
> It is very useful for protecting role aliases (e.g. abuse, postmaster) 
> that are mapped to targets (e.g. root or an off-system address) that 
> should not generally be left unprotected.

This is what I want to use it for: postmaster@ and abuse@

Ciao!


___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] score USER_IN_WHITELIST_TO

2017-11-21 Thread Bill Cole


On 20 Nov 2017, at 16:41 (-0500), Kris Deugau wrote:

USER_IN_WHITELIST_TO applies to all mail for a given recipient;  IMO 
it's a crude hack to work around cases where whatever is calling SA 
can't use the SA userprefs system to just change the threshold 
instead.


It is very useful for protecting role aliases (e.g. abuse, postmaster) 
that are mapped to targets (e.g. root or an off-system address) that 
should not generally be left unprotected.


It also is useful to allow end users to create ad hoc tagged addresses 
on the fly that get more lenient treatment without needing to create any 
per-address config on the server. If the tag (or in some cases, the 
whole local-part for a 1-user virtual domain) matches a specific 
pattern, it is given a pass round the insane local blacklist and a 
SpamAssassin bonus. Users can kill a particular tagged address by moving 
mail to that address into a special IMAP mailbox. This is far simpler 
than training users to manage a user_prefs file or database record.



--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] score USER_IN_WHITELIST_TO

2017-11-20 Thread Kris Deugau


Marcus Schopen wrote:

Hi,

setting

  whitelist_to

in sa-mimedefang.cf seems to hit

  score USER_IN_WHITELIST_TO   -6.0  # they want some spam

spamassassin score, so the score is reduced by a value of 6.0.


How do I hit the -100 score

 score USER_IN_WHITELIST-100.0

using sa-mimedefang.cf?


USER_IN_WHITELIST is triggered by matching a whitelist_from (not 
recommended) or whitelist_from_rcvd entry.  There are matching rules for 
DKIM (USER_IN_DKIM_WHITELIST) and SPF pass (USER_IN_SPF_WHITELIST) 
results based on whitelist_from_dkim, whitelist_from_spf, or whitelist_auth.


None of these are based on the recipient;  they are all based on the sender.

USER_IN_WHITELIST_TO applies to all mail for a given recipient;  IMO 
it's a crude hack to work around cases where whatever is calling SA 
can't use the SA userprefs system to just change the threshold instead. 
From MIMEDefang you also have the potential issue that a message may 
have more than one recipient;  if you want to apply per-recipient 
policies you'll have to use stream_by_recipient to keep all the 
management in MIMEDefang.


If you really want to apply a -100 score to a *recipient*, you're 
probably better off altering your MD call to SpamAssassin to just not 
pass mail for that recipient to SA in the first place.


-kgd
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

[Mimedefang] score USER_IN_WHITELIST_TO

2017-11-20 Thread Marcus Schopen

Hi,

setting 

  whitelist_to

in sa-mimedefang.cf seems to hit 

  score USER_IN_WHITELIST_TO   -6.0  # they want some spam

spamassassin score, so the score is reduced by a value of 6.0.


How do I hit the -100 score

 score USER_IN_WHITELIST-100.0

using sa-mimedefang.cf?

Ciao
Marcus


___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] score USER_IN_WHITELIST_TO

Re: [Mimedefang] score USER_IN_WHITELIST_TO

Re: [Mimedefang] score USER_IN_WHITELIST_TO

Re: [Mimedefang] score USER_IN_WHITELIST_TO

Re: [Mimedefang] score USER_IN_WHITELIST_TO

[Mimedefang] score USER_IN_WHITELIST_TO

6 matches

Site Navigation

Mail list logo

Footer information