Cedric BUSCHINI wrote: > Hello everyone, > > I m running through a problem generating false negatives : > I m getting e-mails sent to [EMAIL PROTECTED] from > [EMAIL PROTECTED] > > X-Spam-Checker-Version: SpamAssassin 3.1.4 (2006-07-25) on > srvmail.carax.com > X-Spam-Level: X-Spam-Status: No, score=-93.1 required=5.0 > tests=BAYES_50,HTML_90_100, > HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,URIBL_JP_SURBL, > URIBL_SBL,USER_IN_WHITELIST autolearn=no version=3.1.4 > [...] > To: <[EMAIL PROTECTED]> > Subject: Online MedHelp > From: Doctor Fern <[EMAIL PROTECTED]> > > [EMAIL PROTECTED] is in the whitelist using whitelist_from in > local.cf . > > How can I fix that problem ? do not *EVER* use whitelist_from for ANYTHING, except as an absolute last resort. whitelist_from offers absolutely no protection against forgery, and is particularly dangerous to use for whitelisting your own domain,
use whitelist_from_rcvd instead. This takes two parameters, the second of which checks the reverse DNS lookup of the MTA delivering the mail to your server.
