whitelist_from_rcvd - again

25 Mar 2004 21:39:05 -0000 

I'm having a heck of a time getting whitelist_from_rcvd to work AT ALL since 
upgrading to 2.63 .  I have read the threads about trusted networks, etc., but 
nothing seems to work.  (To be honest, I don't see the logic behind it only 
working on trusted networks... it may foil some spoofs but it makes 
administration a nightmare.)

That said... I can't even get outgoing mail from our very own 192.168.1.XXX 
network to trigger a whitelist_from_rcvd rule, even when I explicitly declare 
that network trusted.  I have had to resort to local meta rulesets that check 
the From and Received lines for the desired combination of strings.

Is whitelist_from_rcvd broken beyond repair?  Is there any hope for a fix 
before the next major release?  I'm doing overtime requeueing borderline ham 
that used to be whitelisted... help!


Pierre Thomson
BIC



sample line from local.cf:

-----
whitelist_from_rcvd  [EMAIL PROTECTED]               community.int
-----

sample header excerpt (only usernames and subject have been changed)

-----
Received: from wcr_nt_server25.community.int (wcr_nt_server25.community.int 
[192.168.1.10])
        by mail1.rifton.com (8.11.6/8.11.6) with ESMTP id i2PLBNb06108
        for <[EMAIL PROTECTED]>; Thu, 25 Mar 2004 16:11:23 -0500
MIME-Version: 1.0
Content-Type: text/plain;
        charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: mumbo jumbo
Date: Thu, 25 Mar 2004 16:11:10 -0500
Message-ID: <[EMAIL PROTECTED]>
From: "Joe User" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
-----

SA output:

Content analysis details:   (-4.9 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
-4.9 BAYES_00               BODY: Bayesian spam probability is 0 to 1%
                            [score: 0.0000]


Where's the whitelist hit???




-----Original Message-----
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 25, 2004 3:49 PM
To: Ragnar Paulson; [EMAIL PROTECTED]
Subject: Re: {SPAM} Spoofing, whitelist, whitelist_from_rcvd

...

I hate to be blunt.. but you are running a seriously old version of SA, one 
which has a well known bug in whitelist_from_rcvd that was fixed quite a 
long time ago with the release of 2.60...

http://bugzilla.spamassassin.org/show_bug.cgi?id=846

Perhaps you should consider upgrading. After all, the SA-devs can fix bugs 
all they want and it does you no good if you don't download current 
versions of SA.

Reply via email to