From owner-freebsd-ports@FreeBSD.ORG Thu Aug 30 10:40:16 2007 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E77E116A420 for ; Thu, 30 Aug 2007 10:40:16 +0000 (UTC) (envelope-from stefan.lambrev@moneybookers.com) Received: from blah.sun-fish.com (blah.sun-fish.com [217.18.249.150]) by mx1.freebsd.org (Postfix) with ESMTP id 935CC13C48A for ; Thu, 30 Aug 2007 10:40:16 +0000 (UTC) (envelope-from stefan.lambrev@moneybookers.com) Received: from blah.sun-fish.com (localhost [127.0.0.1]) by blah.sun-fish.com (Postfix) with ESMTP id 0BDB01B10F14; Thu, 30 Aug 2007 12:40:15 +0200 (CEST) Received: from hater.cmotd.com (hater.cmotd.com [192.168.3.125]) by blah.sun-fish.com (Postfix) with ESMTP id 074431B10EFB; Thu, 30 Aug 2007 12:40:15 +0200 (CEST) Message-ID: <46D69E8E.1050400@moneybookers.com> Date: Thu, 30 Aug 2007 13:40:14 +0300 From: Stefan Lambrev User-Agent: Thunderbird 2.0.0.4pre (X11/20070711) MIME-Version: 1.0 To: John Marshall References: <46D67CB6.1080100@moneybookers.com> <46D6980D.8050505@riverwillow.com.au> In-Reply-To: <46D6980D.8050505@riverwillow.com.au> Content-Type: text/plain; charset=windows-1251; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP on BLAH Cc: "scheidell@secnap.net" , "freebsd-ports@freebsd.org" Subject: Re: p5-Mail-SpamAssassin-3.2.3 - manual whitelist_from broken X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Aug 2007 10:40:17 -0000 Hello, John Marshall wrote: > Stefan Lambrev wrote: >> Hello, >> >> I noticed that after upgrading spamassassin to the latest (in ports) >> version, manual whitelist is somehow broken. >> In previous version spamassassin detects without a problem forged >> "From" headers and even with "whitelist_from *@domain.com" >> mails that are spam got caught. >> >> With the latest version of spamassassins the following example will >> not be detected as spam: >> >> >telnet mailserver-spamprotected.com 25 >> >helo somedomain.com >> >mail from: spoof@somedomain.com >> >rcpt to: validuser@mailserver-spamprotected.com >> >data >> From: validuser@mailserver-spamprotected.com >> some spam xxx. >> . >> >quit >> >> In this case whitelist_from *@mailserver-spamprotected.com is >> triggered, and I'm pretty sure that wasn't a case in older versions >> of spamassassin. >> >> Any ideas what is changed, and how I can restored the old behavior. >> > > As far as I know, nothing has changed. What you are seeing is expected > behaviour. > > "whitelist_from" should only be used as a last resort because it > blindly trusts the (alleged) envelope sender address. The > documentation warns about this: > > > > Personally, I include the SPF plugin and use "whitelist_from_spf" > entries wherever possible. Failing that (if sending domain doesn't > publish SPF details) I use "whitelist_from_rcvd". > This document says that envelope_sender_header is used to check whitelist_from - and I'm using postfix - it set "Return-path" header, and I think the problem is that spamassassin no more read this. I'll check if setting manually envelope_sender_header will change something. -- Best Wishes, Stefan Lambrev ICQ# 24134177