At 11:11 PM 12/16/2002 -0700, Bob Proulx wrote:
Yes, the current release version of SA is 2.43, and I think that feature was added with 2.40. 2.43 can be gotten from http://spamassassin.sf.net. The current devel/cvs is on 2.50. The developers seem to be wanting to get a release of 2.50 out by years end, but with several key developers taking vacations for the holidays that is unlikely. I would however expect a release 2.50 to come out sometime before the 3rd week of January (strictly a loosely educated guess by someone who is not any real part of the devel team, but reads the saDev mailing list)Matt Kettler <[EMAIL PROTECTED]> [2002-12-16 16:24:21 -0500]:Therefore I assume this is only available in versions newer than 2.31 somewhere. Is that correct?
Yes, that's a boolean AND.. whitelist_from_rcvd takes 2 parameters, the first of which must match the from: line, the second must match some part of a received header, and it must match BOTH to be a whitelist.> Basically whitelist_from_rcvd forces a check of both the from: address and > the received headers. This makes it so the whitelist cannot be spoofed > merely by substituting a from: line. It is a boolean AND? As in both From: AND in Received:? I assume it only uses the domain portion for the Received: header check? Just trying to understand how the check for the Received: header is worked in. I assume it handles the popular exim, postfix, sendmail formats. Sweet!
so the command for whitelisting me looks like this currently (yes, I know I need to get my reverse DNS mapped.. :)
whitelist_from_rcvd [EMAIL PROTECTED] 208-39-141-94.isp.comcastbusiness.net
And less restrictive versions work too:
whitelist_from_rcvd *@evi-inc.com isp.comcastbusiness.net
The whitelist_from_rcvd feature was added specifically to address the problem of from address forging. Old versions of SA had some default whitelist entries that spammers started abusing by forging from addresses. Hence modern versions have a default whitelist that uses whitelist_from_rcvd commands instead, making spoofing much harder (it is still possible, but it's more work than just changing a from: line:)
-------------------------------------------------------
This sf.net email is sponsored by:
With Great Power, Comes Great Responsibility Learn to use your power at OSDN's High Performance Computing Channel
http://hpc.devchannel.org/
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
