Chris wrote: > It appears as though I don't understand how this is supposed to work. I > have a file in /etc/mail/spamassassin called my-whitelist.cf. In it I > have entries such as: > > > <snip> > whitelist_from_rcvd harley-requ...@the-hed.net the-hed.net > > <snip> > however, a message from the 2nd address doesn't hit the > USER_IN_WHITELIST for some reason: > > Return-path: harley-requ...@the-hed.net > X-spam-checker-version: SpamAssassin 3.2.5 (2008-06-10) on > localhost.localdomain > X-spam-status: No, score=-4.9 required=5.0 > tests=AWL=0.445,BAYES_00=-6.4, > DCC_CHECK_NEGATIVE=-0.0001,KHOP_NO_FULL_NAME=0.259,RDNS_NONE=0.1, > SPF_NEUTRAL=0.686,UNPARSEABLE_RELAY=0.001 > AWL,BAYES_00,DCC_CHECK_NEGATIVE, > KHOP_NO_FULL_NAME,RDNS_NONE,SPF_NEUTRAL,UNPARSEABLE_RELAY > shortcircuit=no autolearn=disabled version=3.2.5 > > Complete headers of both posts are here: > > http://pastebin.com/m1d1d5e07 > > <snip> > So, what am I doing wrong here? > Two problems with that message:
First, there's an unparsable Received: header, which appears to be the one created by your fetchmail. That's breaking SA's trust path, and preventing any hosts from being trusted, making whitelist_from_rcvd impossible. I'm not sure what's throwing it off, but the (single-drop) bit looks a bit odd to me. You need to get SA to understand the Received: headers for any Received-based mechanisms to work. You'll also need it to trust all the servers at your isp/esp/whatever relationship you have with embarqmail.com and synacor.com. Second, the message from "harley-requ...@the-hed.net" is not relayed to your site from a server using the-hed.net as it's reverse DNS. In fact, the-hed.net is not used as the domain of *ANY* server in the received headers of that message. The server they appear to be using is kyoto.hostforweb.net, so "hostforweb.net" should be the second parameter in your whitelist_from_rcvd, not the-hed.net.