http://bugzilla.spamassassin.org/show_bug.cgi?id=3021
------- Additional Comments From [EMAIL PROTECTED] 2004-02-10 02:38 ------- I would like to implement this but I would like to get some feedback from developers before I do any coding. I'm leaning against making it a blacklist option for the following reasons: 1) It logically fits in with the whitelist entries, so would require a blacklist entry for each address that is whitelisted; 2) If an email address can be sent through more than one mail server the syntax to specify the negation of them would be ugly; 3) More options mean for more complexity for the user. What I would like to do is have something that is generated automatically by the whitelist_from_rcvd and def_whitelist_from_rcvd entries. Here is one proposal: When checking for a whitelist match, if the result is not successful and while searching it is discovered that a sender email address matched the address portion of a whitelist_from_rcvd or def_whitelist_from_rcvd and the mail server failed to match, then trigger a FORGED_SENDER or a DEF_FORGED_SENDER rule. For example, if there is def_whitelist_from_rcvd [EMAIL PROTECTED] amazon.com and you get a mail From [EMAIL PROTECTED] sent through [EMAIL PROTECTED] that would trigger DEF_FORGED_SENDER. The advantages are that it works automatically to provide a good spam test for every whitelist entry, and can be implemented with just a minor change to check_whitelist_from_rcvd to make it instead of returning only 0 or 1, possibly return -1 if there was no full match but there was an email address match without a server name match. The disadvantages are: 1) Say you have a friend [EMAIL PROTECTED] who sometimes sends mail through the mail.example.com server and sometimes is on the road sending the mail through various Internet cafes. You want to be able to whitelist mail from [EMAIL PROTECTED] when it is sent through mail.example.com, but you want to be neutral regarding mail from [EMAIL PROTECTED] sent through elsewhere, as it may or may not be legitimate. This syntax provides no way to express that. 2) If there is a def_whitelist_from_rcvd entry for [EMAIL PROTECTED] paypal.com, for example, you would not be able to add a whitelist_from_rcvd for [EMAIL PROTECTED] ebay.com. For that to work the test would have to check both the def_whitelist_from_rcvd list and the whitelist_from_rcvd list at the same time. On the other hand, this is a pretty farfetched case that could be handled by requiring you to use undef_whitelist_from_rcvd. I think we could ignore the second problem, but what about the first? Is it acceptable to not be able to whitelist_from_recvd without penalizing mail snet through different servers? Would we have to add a syntax to express that such as whitelist_from_optional_rcvd, or adding an "optional" keyword to whitelist_from_rcvd? Any thoughts about this before I submit a patch to implement it? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
