The following slips through due to "USER_IN_WHITELIST", however, this user is not whitelisted in local.cf or user_prefs, nor are the domains.
The server runs postfix+amavisd and I believe the whitelisting takes place from the amavisd config. I'm unable to figure out how though, the config is pretty out-of-the-box.
1) What version are you running?
2) there are default whitelists in /usr/share/spamassasin/60_whitelists.cf, these come with spamassassin out of the box and have always been there.
3) There were some bugs in whitelist_from_rcvd that allowed spammers to forge them, when it should be impossible. The last of these bugs was fixed in 2.60.
Aha! paypal.com is whitelisted in 60_whitelists.cf. That explains it. I'm running 2.60 BTW, sorry for the diminutive info in original post but the spams were flooding in so I felt in kind of a hurry.
Thanks a lot!
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
