Steven Stern wrote: > I'm having problems whitelisting mail sent through web sites with a from > address supplied by the user. > > Case in point, I send an article from huffingtonpost.com to myself. I > used a "whitelist from huffingtonpost.com", but that doesn't reduce the > spam score. The proper syntax would be: whitelist_from [EMAIL PROTECTED]
Note the presence of an underscore. It's whitelist_from, not whitelist from. That said, whitelist_from is evil and should be avoided whenever possible. whitelist_from_rcvd is significantly better, as it takes two parameters and checks both the From: header (easily forged) and the Received: header generated by a trusted server (harder to forge). The proper syntax for that would be: whitelist_from_rcvd [EMAIL PROTECTED] huffingtonpost.com But this assumes that your SA is called after the Return-Path header is added, and not before. If you're using a milter, this won't work, but if you're calling from procmail, it will. And *always* do the following when editing your configuration: 1) run spamassassin --lint. This should run and exit silently. If it prints anything, fix the reported errors. 2) If you use the spamc/spamd pair, and have edited a .cf file, you need to restart spamd for the changes to take effect.