Re: white_list is not working.....HELP!
Tony Guadagno wrote: > Bowie, > thanks for your response. Here is the test message > > > MAIL FROM:<[EMAIL PROTECTED]> SIZE=3803 > RCPT TO:<[EMAIL PROTECTED]> > Received: from smtpgw02.fujifilmesys.net ([65.249.152.151]) > by mail.guadagno.org with ESMTP; Tue, 28 Aug 2007 21:13:23 -0400 > X-IronPort-AV: E=Sophos;i="4.19,319,1183348800"; > From: "Tony Guadagno" <[EMAIL PROTECTED]> Get rid of that MAIL FROM: and RCPT TO: junk at the top of the message. That's not normal content for an email message and is probably confusing the parser. (email header names cannot contain spaces, and the MAIL FROM and RCPT TO are SMTP commands, not part of the message that SA would ordinarily receive when processing email. Generally the content of the MAIL FROM is copied into Return-Path at delivery time, and that's how SA would pick up on this data, unless it's added to the Received: header by your MTA. Generally speaking, SA has no idea at all who the RCPT To: is, unless it happens to match the To: header.) Also note that the message didn't have any of your whitelisted domains in the From: header, so even if SA did parse the headers properly -- whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] etc -- or is "whitelist_from [EMAIL PROTECTED]" part of your "etc" in your original post.
RE: white_list is not working.....HELP!
At 08:32 29-08-2007, Tony Guadagno wrote: whitelist_from [EMAIL PROTECTED] Don't whitelist your own domain. It's better to use whitelist_from_rcvd instead of whitelist_from. Regards, -sm
RE: white_list is not working.....HELP!
YEP! that did it i will have to work around that. thanks VERY MUCH!! *** Tony Guadagno Guadagno Consulting [EMAIL PROTECTED] 585.703.6700 *** >>> Bowie Bailey <[EMAIL PROTECTED]> 8/29/2007 12:11 PM >>> Found it. Your test message starts with these two lines: MAIL FROM:<[EMAIL PROTECTED]> SIZE=3803 RCPT TO:<[EMAIL PROTECTED]> These are not valid header lines, so this messes up the header parsing. If you fix these headers to be formatted properly or do SA parsing before adding these headers, the problem will go away. Bowie Tony Guadagno wrote: > Bowie, > I did not include all the whitelistshere they are...also, do > you see why I am getting all the header issues? > > whitelist_from smtpgw01.fujifilmesys.net > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > > > *** > Tony Guadagno > Guadagno Consulting > [EMAIL PROTECTED] > 585.703.6700 > *** > > > > > Bowie Bailey <[EMAIL PROTECTED]> 8/29/2007 11:27 AM >>> > The test message you included did not contain any of your whitelist > addresses. If you want to test the whitelist, you have to use a > message > that will match. > > Bowie > > Tony Guadagno wrote: > > Bowie, > > thanks for your response. Here is the test message > > > > > > > > > > > > > *** > > Tony Guadagno > > Guadagno Consulting > > [EMAIL PROTECTED] > > 585.703.6700 > > *** > > > > > > > Bowie Bailey <[EMAIL PROTECTED]> 8/29/2007 10:55 AM >>> > > Tony Guadagno wrote: > > > Ok, > > > I am a little frustrated. I am missing something and I don't > > > see it. > > > > > > All I am trying to do is > > > > > > whitelist_from [EMAIL PROTECTED] > > > whitelist_from [EMAIL PROTECTED] > > > whitelist_from [EMAIL PROTECTED] > > > etc > > > > > > but it seems that there are no whitelist test running why? > > > > > > Content analysis details: (7.6 points, 5.6 required) > > > > > > pts rule name description > > > -- > > > -- > > > 0.0 MISSING_MIDMissing Message-Id: header > > > 0.0 MISSING_DATE Missing Date: header > > > -0.0 NO_RELAYS Informational: message was not > > > relayed via SMTP > > > 2.5 MISSING_HB_SEP Missing blank line between message > > > header and body > > > 1.3 MISSING_HEADERSMissing To: header > > > 2.0 BAYES_80 BODY: Bayesian spam probability is 80 > > > to 95% [score: 0.8387] > > > 1.8 MISSING_SUBJECTMissing Subject: header > > > -0.0 NO_RECEIVEDInformational: message has no > > > Received headers > > > 0.0 NO_HEADERS_MESSAGE Message appears to be missing most > > > RFC-822 headers > > > > > > I am using sa 3.2.2 and for now, just testing using > > > spamassassing.bat I have --lint and everything seems ok. > > > > > > > > > why is it not whitelisting!!! > > > > The scores you posted seem to indicate that the message you sent to > > spamassassin has no headers. What does your test message look like > > and how did you do the test? > > > > Also, "whitelist_from" is a very bad idea in general. It can be > > fooled VERY easily. Once you fix the problem and get the > > whitelist_from working, you should change it to > > "whitelist_from_rcvd" or "whitelist_from_spf", which are much more > > resistant to spoofing. BEGIN:VCARD VERSION:2.1 X-GWTYPE:USER FN:Tony Guadagno EMAIL;WORK;PREF;NGW:[EMAIL PROTECTED] N:Guadagno;Tony END:VCARD
RE: white_list is not working.....HELP!
Found it. Your test message starts with these two lines: MAIL FROM:<[EMAIL PROTECTED]> SIZE=3803 RCPT TO:<[EMAIL PROTECTED]> These are not valid header lines, so this messes up the header parsing. If you fix these headers to be formatted properly or do SA parsing before adding these headers, the problem will go away. Bowie Tony Guadagno wrote: > Bowie, > I did not include all the whitelistshere they are...also, do > you see why I am getting all the header issues? > > whitelist_from smtpgw01.fujifilmesys.net > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > > > *** > Tony Guadagno > Guadagno Consulting > [EMAIL PROTECTED] > 585.703.6700 > *** > > > > > Bowie Bailey <[EMAIL PROTECTED]> 8/29/2007 11:27 AM >>> > The test message you included did not contain any of your whitelist > addresses. If you want to test the whitelist, you have to use a > message > that will match. > > Bowie > > Tony Guadagno wrote: > > Bowie, > > thanks for your response. Here is the test message > > > > > > > > > > > > > *** > > Tony Guadagno > > Guadagno Consulting > > [EMAIL PROTECTED] > > 585.703.6700 > > *** > > > > > > > Bowie Bailey <[EMAIL PROTECTED]> 8/29/2007 10:55 AM >>> > > Tony Guadagno wrote: > > > Ok, > > > I am a little frustrated. I am missing something and I don't > > > see it. > > > > > > All I am trying to do is > > > > > > whitelist_from [EMAIL PROTECTED] > > > whitelist_from [EMAIL PROTECTED] > > > whitelist_from [EMAIL PROTECTED] > > > etc > > > > > > but it seems that there are no whitelist test running why? > > > > > > Content analysis details: (7.6 points, 5.6 required) > > > > > > pts rule name description > > > -- > > > -- > > > 0.0 MISSING_MIDMissing Message-Id: header > > > 0.0 MISSING_DATE Missing Date: header > > > -0.0 NO_RELAYS Informational: message was not > > > relayed via SMTP > > > 2.5 MISSING_HB_SEP Missing blank line between message > > > header and body > > > 1.3 MISSING_HEADERSMissing To: header > > > 2.0 BAYES_80 BODY: Bayesian spam probability is 80 > > > to 95% [score: 0.8387] > > > 1.8 MISSING_SUBJECTMissing Subject: header > > > -0.0 NO_RECEIVEDInformational: message has no > > > Received headers > > > 0.0 NO_HEADERS_MESSAGE Message appears to be missing most > > > RFC-822 headers > > > > > > I am using sa 3.2.2 and for now, just testing using > > > spamassassing.bat I have --lint and everything seems ok. > > > > > > > > > why is it not whitelisting!!! > > > > The scores you posted seem to indicate that the message you sent to > > spamassassin has no headers. What does your test message look like > > and how did you do the test? > > > > Also, "whitelist_from" is a very bad idea in general. It can be > > fooled VERY easily. Once you fix the problem and get the > > whitelist_from working, you should change it to > > "whitelist_from_rcvd" or "whitelist_from_spf", which are much more > > resistant to spoofing.
RE: white_list is not working.....HELP!
Bowie, I did not include all the whitelistshere they are...also, do you see why I am getting all the header issues? whitelist_from smtpgw01.fujifilmesys.net whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] whitelist_from [EMAIL PROTECTED] *** Tony Guadagno Guadagno Consulting [EMAIL PROTECTED] 585.703.6700 *** >>> Bowie Bailey <[EMAIL PROTECTED]> 8/29/2007 11:27 AM >>> The test message you included did not contain any of your whitelist addresses. If you want to test the whitelist, you have to use a message that will match. Bowie Tony Guadagno wrote: > Bowie, > thanks for your response. Here is the test message > > > > > > *** > Tony Guadagno > Guadagno Consulting > [EMAIL PROTECTED] > 585.703.6700 > *** > > > > > Bowie Bailey <[EMAIL PROTECTED]> 8/29/2007 10:55 AM >>> > Tony Guadagno wrote: > > Ok, > > I am a little frustrated. I am missing something and I don't see > > it. > > > > All I am trying to do is > > > > whitelist_from [EMAIL PROTECTED] > > whitelist_from [EMAIL PROTECTED] > > whitelist_from [EMAIL PROTECTED] > > etc > > > > but it seems that there are no whitelist test running why? > > > > Content analysis details: (7.6 points, 5.6 required) > > > > pts rule name description > > -- > > -- > > 0.0 MISSING_MIDMissing Message-Id: header > > 0.0 MISSING_DATE Missing Date: header > > -0.0 NO_RELAYS Informational: message was not relayed > > via SMTP > > 2.5 MISSING_HB_SEP Missing blank line between message > > header and body > > 1.3 MISSING_HEADERSMissing To: header > > 2.0 BAYES_80 BODY: Bayesian spam probability is 80 to > > 95% [score: 0.8387] > > 1.8 MISSING_SUBJECTMissing Subject: header > > -0.0 NO_RECEIVEDInformational: message has no Received > > headers > > 0.0 NO_HEADERS_MESSAGE Message appears to be missing most > > RFC-822 headers > > > > I am using sa 3.2.2 and for now, just testing using > > spamassassing.bat I have --lint and everything seems ok. > > > > > > why is it not whitelisting!!! > > The scores you posted seem to indicate that the message you sent to > spamassassin has no headers. What does your test message look like > and > how did you do the test? > > Also, "whitelist_from" is a very bad idea in general. It can be > fooled > VERY easily. Once you fix the problem and get the whitelist_from > working, you should change it to "whitelist_from_rcvd" or > "whitelist_from_spf", which are much more resistant to spoofing. BEGIN:VCARD VERSION:2.1 X-GWTYPE:USER FN:Tony Guadagno EMAIL;WORK;PREF;NGW:[EMAIL PROTECTED] N:Guadagno;Tony END:VCARD
RE: white_list is not working.....HELP!
The test message you included did not contain any of your whitelist addresses. If you want to test the whitelist, you have to use a message that will match. Bowie Tony Guadagno wrote: > Bowie, > thanks for your response. Here is the test message > > > > > > *** > Tony Guadagno > Guadagno Consulting > [EMAIL PROTECTED] > 585.703.6700 > *** > > > > > Bowie Bailey <[EMAIL PROTECTED]> 8/29/2007 10:55 AM >>> > Tony Guadagno wrote: > > Ok, > > I am a little frustrated. I am missing something and I don't see > > it. > > > > All I am trying to do is > > > > whitelist_from [EMAIL PROTECTED] > > whitelist_from [EMAIL PROTECTED] > > whitelist_from [EMAIL PROTECTED] > > etc > > > > but it seems that there are no whitelist test running why? > > > > Content analysis details: (7.6 points, 5.6 required) > > > > pts rule name description > > -- > > -- > > 0.0 MISSING_MIDMissing Message-Id: header > > 0.0 MISSING_DATE Missing Date: header > > -0.0 NO_RELAYS Informational: message was not relayed > > via SMTP > > 2.5 MISSING_HB_SEP Missing blank line between message > > header and body > > 1.3 MISSING_HEADERSMissing To: header > > 2.0 BAYES_80 BODY: Bayesian spam probability is 80 to > > 95% [score: 0.8387] > > 1.8 MISSING_SUBJECTMissing Subject: header > > -0.0 NO_RECEIVEDInformational: message has no Received > > headers > > 0.0 NO_HEADERS_MESSAGE Message appears to be missing most > > RFC-822 headers > > > > I am using sa 3.2.2 and for now, just testing using > > spamassassing.bat I have --lint and everything seems ok. > > > > > > why is it not whitelisting!!! > > The scores you posted seem to indicate that the message you sent to > spamassassin has no headers. What does your test message look like > and > how did you do the test? > > Also, "whitelist_from" is a very bad idea in general. It can be > fooled > VERY easily. Once you fix the problem and get the whitelist_from > working, you should change it to "whitelist_from_rcvd" or > "whitelist_from_spf", which are much more resistant to spoofing.
RE: white_list is not working.....HELP!
Bowie, thanks for your response. Here is the test message MAIL FROM:<[EMAIL PROTECTED]> SIZE=3803 RCPT TO:<[EMAIL PROTECTED]> Received: from smtpgw02.fujifilmesys.net ([65.249.152.151]) by mail.guadagno.org with ESMTP; Tue, 28 Aug 2007 21:13:23 -0400 X-IronPort-AV: E=Sophos;i="4.19,319,1183348800"; d="scan'208,217";a="42037106" Received: from unknown (HELO exchange01.fujiesystems.com) ([172.18.1.7]) by Ironport2.fujifilmesys.com with ESMTP; 28 Aug 2007 21:13:26 -0400 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="_=_NextPart_001_01C7E9D9.CE51D79A" Subject: FW: OffZHook pushes needed today Date: Tue, 28 Aug 2007 21:13:22 -0400 Message-ID: <[EMAIL PROTECTED]> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: OffZHook pushes needed today thread-index: AcfpzX9sYZtuwDNJRcim8H0+6Lyt/wADEuq5 References: <[EMAIL PROTECTED]><[EMAIL PROTECTED]><[EMAIL PROTECTED]><[EMAIL PROTECTED]><[EMAIL PROTECTED]><[EMAIL PROTECTED]><[EMAIL PROTECTED]><[EMAIL PROTECTED]><[EMAIL PROTECTED]><[EMAIL PROTECTED]> <[EMAIL PROTECTED]> From: "Tony Guadagno" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> This is a multi-part message in MIME format. --_=_NextPart_001_01C7E9D9.CE51D79A Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable =20 =20 ***=20 Tony Guadagno=20 FujiFilmESys=20 [EMAIL PROTECTED] Office: 585.340.4255=20 Cell: 585.703.6700=20 ***=20 From: Gershom B [mailto:[EMAIL PROTECTED] Sent: Tue 8/28/2007 7:45 PM To: Tony Guadagno; Ed McElvain Subject: Re: OffZHook pushes needed today and another push with a few minor tweaks. this really should be it. thanks, --gershom --_=_NextPart_001_01C7E9D9.CE51D79A Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable =0A= =0A= =0A= =0A= =0A= =0A= =0A= =0A= =0A= *** = Tony Guadagno FujiFilmESys [EMAIL PROTECTED] Office: 585.340.4255 Cell: 585.703.6700 = *** = =0A= =0A= =0A= From: Gershom B = [mailto:[EMAIL PROTECTED]Sent: Tue 8/28/2007 7:45 = PMTo: Tony Guadagno; Ed McElvainSubject: Re: = OffZHook pushes needed today=0A= and another push with a few minor tweaks. this really should be = it.thanks,--gershom --_=_NextPart_001_01C7E9D9.CE51D79A-- *** Tony Guadagno Guadagno Consulting [EMAIL PROTECTED] 585.703.6700 *** >>> Bowie Bailey <[EMAIL PROTECTED]> 8/29/2007 10:55 AM >>> Tony Guadagno wrote: > Ok, > I am a little frustrated. I am missing something and I don't see > it. > > All I am trying to do is > > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > etc > > but it seems that there are no whitelist test running why? > > Content analysis details: (7.6 points, 5.6 required) > > pts rule name description > -- > -- > 0.0 MISSING_MIDMissing Message-Id: header > 0.0 MISSING_DATE Missing Date: header > -0.0 NO_RELAYS Informational: message was not relayed > via SMTP > 2.5 MISSING_HB_SEP Missing blank line between message header > and body > 1.3 MISSING_HEADERSMissing To: header > 2.0 BAYES_80 BODY: Bayesian spam probability is 80 to > 95% [score: 0.8387] > 1.8 MISSING_SUBJECTMissing Subject: header > -0.0 NO_RECEIVEDInformational: message has no Received > headers > 0.0 NO_HEADERS_MESSAGE Message appears to be missing most > RFC-822 headers > > I am using sa 3.2.2 and for now, just testing using spamassassing.bat > I have --lint and everything seems ok. > > > why is it not whitelisting!!! The scores you posted seem to indicate that the message you sent to spamassassin has no headers. What does your test message look like and how did you do the test? Also, "whitelist_from" is a very bad idea in general. It can be fooled VERY easily. Once you fix the problem and get the whitelist_from working, you should change it to "whitelist_from_rcvd" or "whitelist_from_spf", which are much more resistant to spoofing. -- Bowie BEGIN:VCARD VERSION:2.1 X-GWTYPE:USER FN:Tony Guadagno EMAIL;WORK;PREF;NGW:[EMAIL PROTECTED] N:Guadagno;Tony END:VCARD
RE: white_list is not working.....HELP!
Tony Guadagno wrote: > Ok, > I am a little frustrated. I am missing something and I don't see > it. > > All I am trying to do is > > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > whitelist_from [EMAIL PROTECTED] > etc > > but it seems that there are no whitelist test running why? > > Content analysis details: (7.6 points, 5.6 required) > > pts rule name description > -- > -- > 0.0 MISSING_MIDMissing Message-Id: header > 0.0 MISSING_DATE Missing Date: header > -0.0 NO_RELAYS Informational: message was not relayed > via SMTP > 2.5 MISSING_HB_SEP Missing blank line between message header > and body > 1.3 MISSING_HEADERSMissing To: header > 2.0 BAYES_80 BODY: Bayesian spam probability is 80 to > 95% [score: 0.8387] > 1.8 MISSING_SUBJECTMissing Subject: header > -0.0 NO_RECEIVEDInformational: message has no Received > headers > 0.0 NO_HEADERS_MESSAGE Message appears to be missing most > RFC-822 headers > > I am using sa 3.2.2 and for now, just testing using spamassassing.bat > I have --lint and everything seems ok. > > > why is it not whitelisting!!! The scores you posted seem to indicate that the message you sent to spamassassin has no headers. What does your test message look like and how did you do the test? Also, "whitelist_from" is a very bad idea in general. It can be fooled VERY easily. Once you fix the problem and get the whitelist_from working, you should change it to "whitelist_from_rcvd" or "whitelist_from_spf", which are much more resistant to spoofing. -- Bowie
