Spam/phishing emails pretending to be from Paypal won't have an
envelope-from of *@paypal.com which is why you didn't get the
desired effect.  You rarely use the blacklist_from only when there
is very dumb senders that you want to block

that don't matter - "blacklist_from" also bpocks from-header

On 06.03.17 12:09, David Jones wrote:
Good to know but the From: header is not a reliably way to block
email unless there is a very dumb/naive sender.

yes, it's very bad when your friend fakes up paypal From: address and he
gets blocked :-)

Imho, blocking this is really non-issue.

problem is that lines like above also block legit paypal traffic which
has a enevelope outside that domain but get blocked by "blacklist_from"
and "whitelist_auth" won#t trigger as long as you don't add all the
possible underlying envelope-senders (which are in case of newsletters
large, shared senders where you don't want that)

the concept above does not work in real life because it is a very naive
approach by lacking real expierience - took me less than 24 hours to
stop testing that and find out it does more harm than good

Like I said, you very rarely should use blacklist_from.  RBLs and other
DNS checks should take care of most of the need for blacklist_from
entries.

using blacklist_from for idiots that spam you repeatedly and they can't be
contacted or don't react is find.
The only problem is that this kind of blacklists tends to gro up over time -
that's why we bave SpamAssassin

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
If Barbie is so popular, why do you have to buy her friends?

Reply via email to