Re: whitelist_from_rcvd and short circuit
Chris wrote: > It appears as though I don't understand how this is supposed to work. I > have a file in /etc/mail/spamassassin called my-whitelist.cf. In it I > have entries such as: > > > > whitelist_from_rcvd harley-requ...@the-hed.net the-hed.net > > > however, a message from the 2nd address doesn't hit the > USER_IN_WHITELIST for some reason: > > Return-path: harley-requ...@the-hed.net > X-spam-checker-version: SpamAssassin 3.2.5 (2008-06-10) on > localhost.localdomain > X-spam-status: No, score=-4.9 required=5.0 > tests=AWL=0.445,BAYES_00=-6.4, > DCC_CHECK_NEGATIVE=-0.0001,KHOP_NO_FULL_NAME=0.259,RDNS_NONE=0.1, > SPF_NEUTRAL=0.686,UNPARSEABLE_RELAY=0.001 > AWL,BAYES_00,DCC_CHECK_NEGATIVE, > KHOP_NO_FULL_NAME,RDNS_NONE,SPF_NEUTRAL,UNPARSEABLE_RELAY > shortcircuit=no autolearn=disabled version=3.2.5 > > Complete headers of both posts are here: > > http://pastebin.com/m1d1d5e07 > > > So, what am I doing wrong here? > Two problems with that message: First, there's an unparsable Received: header, which appears to be the one created by your fetchmail. That's breaking SA's trust path, and preventing any hosts from being trusted, making whitelist_from_rcvd impossible. I'm not sure what's throwing it off, but the (single-drop) bit looks a bit odd to me. You need to get SA to understand the Received: headers for any Received-based mechanisms to work. You'll also need it to trust all the servers at your isp/esp/whatever relationship you have with embarqmail.com and synacor.com. Second, the message from "harley-requ...@the-hed.net" is not relayed to your site from a server using the-hed.net as it's reverse DNS. In fact, the-hed.net is not used as the domain of *ANY* server in the received headers of that message. The server they appear to be using is kyoto.hostforweb.net, so "hostforweb.net" should be the second parameter in your whitelist_from_rcvd, not the-hed.net.
whitelist_from_rcvd and short circuit
It appears as though I don't understand how this is supposed to work. I have a file in /etc/mail/spamassassin called my-whitelist.cf. In it I have entries such as: whitelist_from_rcvd serv...@freenet.de freenet.de whitelist_from_rcvd harley-requ...@the-hed.net the-hed.net In my local.cf I have: # slower, network-based whitelisting meta SC_NET_HAM (USER_IN_DKIM_WHITELIST||USER_IN_DK_WHITELIST|| USER_IN_SPF_WHITELIST||USER_IN_DEF_DK_WL||USER_IN_DEF_DKIM_WL|| USER_IN_DEF_SPF_WL||USER_IN_WHITELIST||USER_IN_DEF_WHITELIST) priority SC_NET_HAM -500 shortcircuit SC_NET_HAM ham score SC_NET_HAM -20 A message from the first address above came in yesterday and was promptly shortcircuited: Return-Path: <> X-spam-checker-version: SpamAssassin 3.2.5 (2008-06-10) on localhost.localdomain X-spam-status: No, score=-100.0 required=5.0 tests=USER_IN_WHITELIST=-100 USER_IN_WHITELIST shortcircuit=ham autolearn=disabled version=3.2.5 however, a message from the 2nd address doesn't hit the USER_IN_WHITELIST for some reason: Return-path: harley-requ...@the-hed.net X-spam-checker-version: SpamAssassin 3.2.5 (2008-06-10) on localhost.localdomain X-spam-status: No, score=-4.9 required=5.0 tests=AWL=0.445,BAYES_00=-6.4, DCC_CHECK_NEGATIVE=-0.0001,KHOP_NO_FULL_NAME=0.259,RDNS_NONE=0.1, SPF_NEUTRAL=0.686,UNPARSEABLE_RELAY=0.001 AWL,BAYES_00,DCC_CHECK_NEGATIVE, KHOP_NO_FULL_NAME,RDNS_NONE,SPF_NEUTRAL,UNPARSEABLE_RELAY shortcircuit=no autolearn=disabled version=3.2.5 Complete headers of both posts are here: http://pastebin.com/m1d1d5e07 60_shortcircuit.cf shows: default: strongly-whitelisted mails are *really* whitelisted now, if the # shortcircuiting plugin is active, causing early exit to save CPU load shortcircuit USER_IN_WHITELIST on shortcircuit USER_IN_DEF_WHITELIST on shortcircuit USER_IN_ALL_SPAM_TO on shortcircuit SUBJECT_IN_WHITELISTon As shown in the first msg above, shortcircuit is active. So, what am I doing wrong here? Thanks for any advice Chris -- KeyID 0xE372A7DA98E6705C signature.asc Description: This is a digitally signed message part