Re: what does whitelist_from act on
Byung-Hee HWANG wrote: Matt, i didn't tell you. why did you reply for me? i was rather agreeing with you on the spf's mention. okay anyway you shoud make him(K Anand) do the spf patching with qmail. Ok guys... I think I will have to patch Qmail with the patch suggested above...Let me try that. Thanx for all your time in trying to educate me. I think I learnt a lot. I really found out the meaning of 'You can never stop learning' thro this thread... Anand
Re: what does whitelist_from act on
On Fri, 2007-11-16 at 08:25 -0500, Matt Kettler wrote: > Byung-Hee HWANG wrote: > > On Fri, 2007-11-16 at 13:27 +0530, K Anand wrote: > > > >> Matt Kettler wrote: > >> > >>> K Anand wrote: > >>> > I have whitelist_from [EMAIL PROTECTED] in my conf. > As per the docs, they say that whitelist_from will act on > > Envelope-Sender > Resent-Sender > X-Envelope-From > From > > >>> "In addition, the ``envelope sender'' data, taken from the SMTP envelope > >>> data where this is available, is looked up. See |envelope_sender_header|." > >>> > >>> So it should also, by default, match the Return-Path header. > >>> > >>> *HOWEVER* that assumes the header is present at the time of scanning. > >>> Normally this header is not present at the MTA layer. It's a delivery > >>> agent thing. > >>> > >>> Many MTA layer SA integration tools create a fake return-path header > >>> and then remove it. > >>> > >>> SimScan (which you appear to use) doesn't do this, at least, the last > >>> person who was asking about the same basic problem (although it was > >>> relating to SPF, it still was failing due to lack of envelope > >>> information at scan time). > >>> > >>> You might be able to use the same solution he did, which patches qmail > >>> to add the envelope-from information to your Received: headers. > >>> > >>> See also: > >>> > >>> http://wiki.apache.org/spamassassin/QmailSpfPatch > >>> > >>> > >> I'm using qmailtoaster which is netqmail + some patches which include a > >> patch for spf (http://www.saout.de/misc/spf/). [...] > >> > > > > your matter's point is not the Sender Policy Framework (SPF). > > > Yes, I know that. Please read the post where I suggested the SPF patch > might fix his problem. Matt, i didn't tell you. why did you reply for me? i was rather agreeing with you on the spf's mention. okay anyway you shoud make him(K Anand) do the spf patching with qmail. -- "Until that time we have to guard against all treacheries." -- Vito Corleone, "Chapter 20", page 296
Re: what does whitelist_from act on
Matt Kettler wrote: > > It is really a misnomer to call the patch from SpamAssassin a SPF patch. Self correction: The patch at http://wiki.apache.org/spamassassin/QmailSpfPatch isn't from SpamAssassin, or its developers. The patch is from the SpamAssassin community wiki.
Re: what does whitelist_from act on
K Anand wrote: >> >> >> See also: >> >> http://wiki.apache.org/spamassassin/QmailSpfPatch >> > > > I'm using qmailtoaster which is netqmail + some patches which include > a patch for spf (http://www.saout.de/misc/spf/). People are able to > use spf with qmailtoaster. This implies that envelope information > should be available at scan time. Nope. Read the saut.de patch. There's no modification to the "received" fuction which adds Received: headers. That patch handles SPF checks entirely within Qmail. Because it handles it inside Qmail, it has no need to add information to the Received: headers. It is really a misnomer to call the patch from SpamAssassin a SPF patch. It is not a SPF patch. All it does is add envelope information to your Received: headers. This is required to let SA's implementation of SPF work, but it doesn't add anything SPF specific to Qmail. I can also tell you for sure you don't have anything equivalent to the SA patch by looking at your message header: Received: from unknown (HELO ?10.128.1.85?) (10.128.1.85) by sail-steel.com with SMTP; Fri, 16 Nov 2007 08:02:15 + I don't see any envelope from clause in there. If you had the SA patch it would look like this: Received: from unknown (HELO ?10.128.1.85?) (10.128.1.85) by sail-steel.com (envelope-from [EMAIL PROTECTED]) with SMTP; Fri, 16 Nov 2007 08:02:15 + If you're in doubt, try re-running a message that failed to match the whitelist through SA after its been delivered. At that point, the Return-Path should exist, and the whitelist should fire off just fine.. > > Anand >
Re: what does whitelist_from act on
Byung-Hee HWANG wrote: > On Fri, 2007-11-16 at 13:27 +0530, K Anand wrote: > >> Matt Kettler wrote: >> >>> K Anand wrote: >>> I have whitelist_from [EMAIL PROTECTED] in my conf. As per the docs, they say that whitelist_from will act on Envelope-Sender Resent-Sender X-Envelope-From From >>> "In addition, the ``envelope sender'' data, taken from the SMTP envelope >>> data where this is available, is looked up. See |envelope_sender_header|." >>> >>> So it should also, by default, match the Return-Path header. >>> >>> *HOWEVER* that assumes the header is present at the time of scanning. >>> Normally this header is not present at the MTA layer. It's a delivery >>> agent thing. >>> >>> Many MTA layer SA integration tools create a fake return-path header >>> and then remove it. >>> >>> SimScan (which you appear to use) doesn't do this, at least, the last >>> person who was asking about the same basic problem (although it was >>> relating to SPF, it still was failing due to lack of envelope >>> information at scan time). >>> >>> You might be able to use the same solution he did, which patches qmail >>> to add the envelope-from information to your Received: headers. >>> >>> See also: >>> >>> http://wiki.apache.org/spamassassin/QmailSpfPatch >>> >>> >> I'm using qmailtoaster which is netqmail + some patches which include a >> patch for spf (http://www.saout.de/misc/spf/). [...] >> > > your matter's point is not the Sender Policy Framework (SPF). > Yes, I know that. Please read the post where I suggested the SPF patch might fix his problem. > >
Re: what does whitelist_from act on
Matt Kettler wrote: K Anand wrote: I have whitelist_from [EMAIL PROTECTED] in my conf. As per the docs, they say that whitelist_from will act on Envelope-Sender Resent-Sender X-Envelope-From From "In addition, the ``envelope sender'' data, taken from the SMTP envelope data where this is available, is looked up. See |envelope_sender_header|." So it should also, by default, match the Return-Path header. *HOWEVER* that assumes the header is present at the time of scanning. Normally this header is not present at the MTA layer. It's a delivery agent thing. Many MTA layer SA integration tools create a fake return-path header and then remove it. SimScan (which you appear to use) doesn't do this, at least, the last person who was asking about the same basic problem (although it was relating to SPF, it still was failing due to lack of envelope information at scan time). You might be able to use the same solution he did, which patches qmail to add the envelope-from information to your Received: headers. See also: http://wiki.apache.org/spamassassin/QmailSpfPatch I'm using qmailtoaster which is netqmail + some patches which include a patch for spf (http://www.saout.de/misc/spf/). People are able to use spf with qmailtoaster. This implies that envelope information should be available at scan time. Anand
Re: what does whitelist_from act on
On Fri, 2007-11-16 at 13:27 +0530, K Anand wrote: > Matt Kettler wrote: > > K Anand wrote: > >> I have whitelist_from [EMAIL PROTECTED] in my conf. > >> As per the docs, they say that whitelist_from will act on > >> > >> Envelope-Sender > >> Resent-Sender > >> X-Envelope-From > >> From > > "In addition, the ``envelope sender'' data, taken from the SMTP envelope > > data where this is available, is looked up. See |envelope_sender_header|." > > > > So it should also, by default, match the Return-Path header. > > > > *HOWEVER* that assumes the header is present at the time of scanning. > > Normally this header is not present at the MTA layer. It's a delivery > > agent thing. > > > > Many MTA layer SA integration tools create a fake return-path header > > and then remove it. > > > > SimScan (which you appear to use) doesn't do this, at least, the last > > person who was asking about the same basic problem (although it was > > relating to SPF, it still was failing due to lack of envelope > > information at scan time). > > > > You might be able to use the same solution he did, which patches qmail > > to add the envelope-from information to your Received: headers. > > > > See also: > > > > http://wiki.apache.org/spamassassin/QmailSpfPatch > > > > > I'm using qmailtoaster which is netqmail + some patches which include a > patch for spf (http://www.saout.de/misc/spf/). [...] your matter's point is not the Sender Policy Framework (SPF). -- "Some people want to kill you, understand? But I'm here so don't be afraid." "Why should I be afraid now? Strange men have come to kill me ever since I was twelve years old." -- Michael Corleone and Vito Corleone, "Chapter 9", page 123
Re: what does whitelist_from act on
K Anand wrote: > I have whitelist_from [EMAIL PROTECTED] in my conf. > As per the docs, they say that whitelist_from will act on > > Envelope-Sender > Resent-Sender > X-Envelope-From > From "In addition, the ``envelope sender'' data, taken from the SMTP envelope data where this is available, is looked up. See |envelope_sender_header|." So it should also, by default, match the Return-Path header. *HOWEVER* that assumes the header is present at the time of scanning. Normally this header is not present at the MTA layer. It's a delivery agent thing. Many MTA layer SA integration tools create a fake return-path header and then remove it. SimScan (which you appear to use) doesn't do this, at least, the last person who was asking about the same basic problem (although it was relating to SPF, it still was failing due to lack of envelope information at scan time). You might be able to use the same solution he did, which patches qmail to add the envelope-from information to your Received: headers. See also: http://wiki.apache.org/spamassassin/QmailSpfPatch
what does whitelist_from act on
I have whitelist_from [EMAIL PROTECTED] in my conf. As per the docs, they say that whitelist_from will act on Envelope-Sender Resent-Sender X-Envelope-From From However, from the below mails, it can be seen that this is not the case or I have a misconfiguration somewhere. Mail 1 : Return-Path: <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] Received: (qmail 4353 invoked by uid 89); 6 Nov 2007 05:07:04 - Received: by simscan 1.2.0 ppid: 4342, pid: 4348, t: 1.1495s scanners: attach: 1.2.0 clamav: 0.90/m:42 spam: 3.1.1 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on sail-steel.com X-Spam-Level: X-Spam-Status: No, score=-100.9 required=5.0 tests=AWL,BAYES_00,NO_REAL_NAME, TW_ZM,USER_IN_WHITELIST autolearn=no version=3.1.1 Received: from unknown (HELO ns2.qmailtoaster.com) (209.177.154.102) . . . From: [EMAIL PROTECTED] Mail 2 : Return-Path: <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] Received: (qmail 5267 invoked by uid 89); 14 Nov 2007 04:45:32 - Received: by simscan 1.2.0 ppid: 5181, pid: 5197, t: 4.5430s scanners: attach: 1.2.0 clamav: 0.90/m:42 spam: 3.1.1 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on sail-steel.com X-Spam-Level: X-Spam-Status: No, score=-0.9 required=5.0 tests=AWL,BAYES_00,J_CHICKENPOX_34, SARE_SUB_OBFU_Q1 autolearn=no version=3.1.1 Received: from unknown (HELO ns2.qmailtoaster.com) (209.177.154.102) . . . From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> Can someone help ? Anand PS : I'm having similar problems with SA list as well.
