On 20260218 10:41:34, Bill Cole wrote:
On 2026-02-18 at 12:59:42 UTC-0500 (Wed, 18 Feb 2026 10:59:42 -0700)
Philip Prindeville via users <[email protected]>
is rumored to have said:
Hi.
I have rules like:
whitelist_from_rcvd [email protected] mirrors.kernel.org
...
blacklist_from *@yandex.ru
And only the last rule seems to be hit.
All rules are run UNLESS you use shortcircuit. Order in the file should not
matter.
How do I debug this?
spamassassin -t -D rules <testmessage will show you all the hits of a message.
I'm trying to avoid spam from Yandex while getting mailing list mail from
legit contributors to Linux that use Yandex (god knows why).
I gather it's a Russian analog to Yahoo...
You can always supplement the generic wl/bl directives with a specific rule
based on specific headers, e.g.:
describe W_LINUX_CONT Welcome linux-contrib
header W_LINUX_CONT From =~ /[email protected]/
score W_LINUX_CONT -10
You can make that more complex if you like, or combine it in a metarule with a
subrule that matches mirrors.kernel.org in the last Received header. RTFM for
details.
Wouldn't a couple meta rules be somewhat better here?
As it is, is the whitelist_from_rcvd really being hit? He's using plain
"blacklist_from" for the yandex rule. If there is an all trusted issue his
...from_rcvd rule might not be firing. In a perfect world the whitelist and
blacklist rules should cancel each other out leaving the rest of the rules to do
the lifting.
{^_^}
