Hello,
John Marshall wrote:
Stefan Lambrev wrote:
Hello,
I noticed that after upgrading spamassassin to the latest (in ports)
version, manual whitelist is somehow broken.
In previous version spamassassin detects without a problem forged
"From" headers and even with "whitelist_from [EMAIL PROTECTED]"
mails that are spam got caught.
With the latest version of spamassassins the following example will
not be detected as spam:
>telnet mailserver-spamprotected.com 25
>helo somedomain.com
>mail from: [EMAIL PROTECTED]
>rcpt to: [EMAIL PROTECTED]
>data
From: [EMAIL PROTECTED]
some spam xxx.
.
>quit
In this case whitelist_from [EMAIL PROTECTED] is
triggered, and I'm pretty sure that wasn't a case in older versions
of spamassassin.
Any ideas what is changed, and how I can restored the old behavior.
As far as I know, nothing has changed. What you are seeing is expected
behaviour.
"whitelist_from" should only be used as a last resort because it
blindly trusts the (alleged) envelope sender address. The
documentation warns about this:
<http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Conf.html#whitelist_and_blacklist_options>
Personally, I include the SPF plugin and use "whitelist_from_spf"
entries wherever possible. Failing that (if sending domain doesn't
publish SPF details) I use "whitelist_from_rcvd".
This document says that envelope_sender_header is used to check
whitelist_from - and I'm using postfix - it set "Return-path" header,
and I think the problem is that spamassassin no more read this.
I'll check if setting manually envelope_sender_header will change something.
--
Best Wishes,
Stefan Lambrev
ICQ# 24134177
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
