Date: Thu, 30 Aug 2007 13:40:14 +0300 From: Stefan Lambrev <stefan.lambrev@moneybookers.com> To: John Marshall <John.Marshall@riverwillow.com.au> Cc: "scheidell@secnap.net" <scheidell@secnap.net>, "freebsd-ports@freebsd.org" <freebsd-ports@freebsd.org> Subject: Re: p5-Mail-SpamAssassin-3.2.3 - manual whitelist_from broken Message-ID: <46D69E8E.1050400@moneybookers.com> In-Reply-To: <46D6980D.8050505@riverwillow.com.au> References: <46D67CB6.1080100@moneybookers.com> <46D6980D.8050505@riverwillow.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, John Marshall wrote: > Stefan Lambrev wrote: >> Hello, >> >> I noticed that after upgrading spamassassin to the latest (in ports) >> version, manual whitelist is somehow broken. >> In previous version spamassassin detects without a problem forged >> "From" headers and even with "whitelist_from *@domain.com" >> mails that are spam got caught. >> >> With the latest version of spamassassins the following example will >> not be detected as spam: >> >> >telnet mailserver-spamprotected.com 25 >> >helo somedomain.com >> >mail from: spoof@somedomain.com >> >rcpt to: validuser@mailserver-spamprotected.com >> >data >> From: validuser@mailserver-spamprotected.com >> some spam xxx. >> . >> >quit >> >> In this case whitelist_from *@mailserver-spamprotected.com is >> triggered, and I'm pretty sure that wasn't a case in older versions >> of spamassassin. >> >> Any ideas what is changed, and how I can restored the old behavior. >> > > As far as I know, nothing has changed. What you are seeing is expected > behaviour. > > "whitelist_from" should only be used as a last resort because it > blindly trusts the (alleged) envelope sender address. The > documentation warns about this: > <http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Conf.html#whitelist_and_blacklist_options>; > > > Personally, I include the SPF plugin and use "whitelist_from_spf" > entries wherever possible. Failing that (if sending domain doesn't > publish SPF details) I use "whitelist_from_rcvd". > This document says that envelope_sender_header is used to check whitelist_from - and I'm using postfix - it set "Return-path" header, and I think the problem is that spamassassin no more read this. I'll check if setting manually envelope_sender_header will change something. -- Best Wishes, Stefan Lambrev ICQ# 24134177
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46D69E8E.1050400>