Dear users !
I`m using exim + spamd + user_prefs in mysql. All works fine.
But I found a bug, when I`m using whitelist, and header rcpt to: have
address with character description, whitelist failed to catch it in
database. For example:
1st message:
spamd: clean message (-91.7/10.0) for
Bug wrote:
Dear users !
I`m using exim + spamd + user_prefs in mysql. All works fine.
But I found a bug, when I`m using whitelist, and header rcpt to: have
address with character description, whitelist failed to catch it in
database. For example:
1st message:
spamd: clean message
Thank you Matt!
Your letter helped me to understand my problem better.
I`m not using sa-spamc, my exim using ACL spam, that connects directly
to spamd ip/port.
My founded solution was described in Exim FAQ:
A0512: Envelope-To: is added at delivery time, by the transport.
Therefore, the
Sherman Lilly wrote:
[Snipped text about forged mail from own domains whitelisted...]
I was looking on the net and I came across a plugin on spamassassin I don't
think i have loaded. Will the SPF plugin help with this problem?
If you publish SPF records for your domains, you can use
René Berber wrote:
Sherman Lilly wrote:
[snip]
I get why they are getting through. They are spoofing the Return-Path.
Is there any way to remedy this problem?
Depends on your server. For sendmail there is:
http://ultra.ap.krakow.pl/~raj/sendmail/english.html
the
As of last Wednesday I am having this problem. In fact it's more then
just USER_IN_WHITELIST, I am getting many reports of incorrect
USER_IN_BLACKLIST.
No I don't whitelist my domain.
Yes I checked the To/From/ReplyTo/EnvelopeFrom/etc.
No the users don't have whitelist/blacklist entries
Sherman Lilly wrote:
I was looking on the net and I came across a plugin on spamassassin I don't
think i have loaded. Will the SPF plugin help with this problem?
Yes... *if* you replace whitelist_from with whitelist_from_spf
Alternatively you can try something like this:
whitelist_from_rcvd
Ok I have an update. I picked a message that was getting marked
USER_IN_WHITELIST once every 5 or so messages. I took the from address
and added this code to Perl..Mail\SpamAssassin\EvalTests.pm
if ($addr =~ qr/$regexp/i) {
dbg(rules: address $addr matches whitelist or blacklist
Will Nordmeyer wrote:
René Berber wrote:
Sherman Lilly wrote:
[snip]
I get why they are getting through. They are spoofing the Return-Path.
Is there any way to remedy this problem?
Depends on your server. For sendmail there is:
http://ultra.ap.krakow.pl/~raj/sendmail/english.html
I have spam getting through that would get filtered if they were not
getting -100 because of the USER_IN_WHITELIST rule. I do have a whitelist but
no of these spam email have anything close to my whitelist.
I am using the latest version of spamassassin and update my rules daily. I
have also
Sherman Lilly wrote:
I have spam getting through that would get filtered if they were not
getting -100 because of the USER_IN_WHITELIST rule. I do have a whitelist but
no of these spam email have anything close to my whitelist.
Yes they do, otherwise you wouldn't see USER_IN_WHITELIST
-Original Message-
From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED]
Sent: Monday, January 22, 2007 10:40 AM
To: Sherman Lilly
Cc: users@spamassassin.apache.org
Subject: Re: USER_IN_WHITELIST problem
Sherman Lilly wrote:
I have spam getting through that would get filtered if they were
: users@spamassassin.apache.org
Subject: Re: USER_IN_WHITELIST problem
Sherman Lilly wrote:
I have spam getting through that would get filtered if they were not
getting -100 because of the USER_IN_WHITELIST rule. I do have a
whitelist but
no of these spam email have anything close to my whitelist
On Monday 22 January 2007 11:39, you wrote:
Sherman Lilly wrote:
I have spam getting through that would get filtered if they were not
getting -100 because of the USER_IN_WHITELIST rule. I do have a whitelist
but no of these spam email have anything close to my whitelist.
Yes they do,
Do you have some example headers?
This is a legitimate email, but it got flagged as USER_IN_WHITELIST
while CNN is not listed in my whitelist:
Received: from cnnimail33.turner.com (cnnimail33.turner.com
[64.236.25.90])
by spamfilter.onlineky.net (Postfix) with ESMTP id 2FB331757E
Drew Burchett wrote:
Do you have some example headers?
This is a legitimate email, but it got flagged as USER_IN_WHITELIST
while CNN is not listed in my whitelist:
You didn't include the envelope from address in any of your examples.
Daryl
that is getting through. It should have failed.
Why should it have failed?
WHITELIST_FROM [EMAIL PROTECTED]
[...]
Return-Path: [EMAIL PROTECTED]
* You have whitelisted all mail from [EMAIL PROTECTED].
* The mail is from [EMAIL PROTECTED] according to the SMTP envelope.
= You have whitelisted
On Monday 22 January 2007 12:51, Jonas Eckerman wrote:
that is getting through. It should have failed.
Why should it have failed?
WHITELIST_FROM [EMAIL PROTECTED]
[...]
Return-Path: [EMAIL PROTECTED]
* You have whitelisted all mail from [EMAIL PROTECTED].
* The mail is from [EMAIL
Sherman Lilly wrote:
[snip]
I was looking on the net and I came across a plugin on spamassassin I don't
think i have loaded. Will the SPF plugin help with this problem?
No, I think the default score is 0.0, and it's only for positive id (thus I add
points, not subtract).
Botnet plugin
Nick Rout wrote:
So I take it USER_IN_WHITELIST also checks Return-Path? I wonder where
Return-Path is being set? Is it likely to be set by the spammer? Or is
my system adding it in somewhere (probably in error).
Return-Path is usually added by the receiving system, and contains the
envelope
On Wed, 23 Aug 2006 14:49:19 -0700
Kelson wrote:
Nick Rout wrote:
So I take it USER_IN_WHITELIST also checks Return-Path? I wonder where
Return-Path is being set? Is it likely to be set by the spammer? Or is
my system adding it in somewhere (probably in error).
Return-Path is usually
Hi, I am new to this list and certainly not a SA expert, however I have
moderate experience in general linux issues and mailer issues.
I am getting a series of messages allowed through on the basis of
USER_IN_WHITELIST. I have searched the mailing list archive and pored
over my setup files and
Nick Rout wrote:
Hi, I am new to this list and certainly not a SA expert, however I have
moderate experience in general linux issues and mailer issues.
I am getting a series of messages allowed through on the basis of
USER_IN_WHITELIST. I have searched the mailing list archive and pored
over my
Nick Rout wrote:
Hi, I am new to this list and certainly not a SA expert, however I have
moderate experience in general linux issues and mailer issues.
I am getting a series of messages allowed through on the basis of
USER_IN_WHITELIST. I have searched the mailing list archive and pored
over my
On Tue, 22 Aug 2006 19:58:59 -0400
Rick Macdougall wrote:
Return-Path: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 3.1.3-gr0 (2006-06-01) on
www.rout.co.nz
X-Spam-Level:
X-Spam-Status: No, score=-88.6 required=5.5 tests=AWL,BAYES_99,
Nick Rout wrote:
On Tue, 22 Aug 2006 19:58:59 -0400
Thanks, quick reply! (Thanks too Daryl, also quick)
So I take it USER_IN_WHITELIST also checks Return-Path? I wonder where
Return-Path is being set? Is it likely to be set by the spammer? Or is
my system adding it in somewhere (probably in
From: Nick Rout [EMAIL PROTECTED]
On Tue, 22 Aug 2006 19:58:59 -0400
Rick Macdougall wrote:
Return-Path: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 3.1.3-gr0 (2006-06-01) on www.rout.co.nz
X-Spam-Level:
X-Spam-Status: No, score=-88.6 required=5.5 tests=AWL,BAYES_99,
27 matches
Mail list logo