> From: Stefan Hornburg > Sent: Monday, February 23, 2004 6:35 AM [...] > > The subject of the email is: > Output from your job 48 > > The message id is (added by the MTA probably) > Message-Id: <[EMAIL PROTECTED]> > > How can I avoid these false positives ?
One idea is whitelist_from_recvd localhost mail: # Trusted hosts whitelist_from_rcvd * localhost whitelist_from_revd * mydomain.com where 'mydomain.com' is your domain name, or a trust one. For the 'from Received' part of this to work, you have to set up trusted_hosts properly. ### We can trust headers from these IP's: trusted_networks 127. trusted_networks 199.99.99. where 199.99.99. is the /24 of your IP block. That said, there are some problems in parsing certain Received lines in 2.63, and in the interpretation of trusted_networks that will likely be resolved in the next release, so the set up described above might not work completely for you in this release. Still it will work on some/many installations, so you should probably try this first. Alternatively, you could lower the score of SUBJ_HAS_SPACES, to say, half of what it is now: score SUBJ_HAS_SPACES 2.0 but since this has more to do with the sender, you could whitelist the sender. If the sender of 'at' mail is root: whitelist_from [EMAIL PROTECTED] Above, you'd really like that to be whitelist_from_recvd, but this entry can be used until the localhost and Received: parsing problems are fixed, _if_ the whitelist_from_recvd suggestion above doesn't work for you. You cuold remove this broad whitelist_from entry in after the next release is installed.
