Re: Whitelist IP Address

[Mikael Hakman]

Wouldn't you all agree that blocking or letting through emails sent from or 
relayed by specified IP addresses and subnets is quite a basic 
functionality? In a sense it is more basic than doing the same with DNS 
names and SMTP addresses because all those names ultimately resolve to IP 
numbers. All communication (routing) on the Internet is done by numbers not 
by names.

Then why can't we have such a generic rule built-in into SA? Creating custom 
header rules is ok as long as you want to recognize particular IP host 
addresses and subnets with IP ranges on whole byte boundary. In the general 
case however you have to do bitwise AND between address from SMTP header and 
a subnet mask and compare the result to the result of doing bitwise AND 
between subnet address and the same subnet mask. AFAIK this is not possible 
to do in SA custom header rules unless you find a way to express this as a 
Perl regular expression for pattern matching. Then why can't we have a 
test/rule, say, WHITELIST_NUMERIC_IP and BLACKLIST_NUMERIC_IP that take IP 
number and subnet mask as arguments and does this double AND operation and 
comparison against each IP number from Received headers?

To all who do not understand why so many people want to work with IP numbers 
rather than with DSN names or SMTP addresses:

When an SMTP server receives email it knows IP number of the sender (relay). 
It knows it from IP packet header source IP address. This number is 
independent of what sender's SMTP server says he is. This is because both 
SMTP and the underlying TCP require sending IP packets in both directions 
for this reception process to succeed. Therefore at the time an SMTP server 
receives email from an IP then it knows that this IP is real, it exists, and 
is world-reachable through the global routing system. Therefore it can be 
traced and you cannot forge it. Each IP number belongs to a range of IP 
addresses (subnet) managed by a known authority. Each such authority has 
received its IP range from yet another higher known authority etc. until you 
reach the top (RIPE etc). Contrary to DNS names you cannot simply buy or 
register an unrelated IP number and therefore IP numbers are much more 
difficult to forge and easier to trace  than names.

----- Original Message ----- 
From: "Matt Kettler" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <users@spamassassin.apache.org>
Sent: Thursday, March 10, 2005 1:55 AM
Subject: Re: Whitelist IP Address


At 07:49 PM 3/9/2005, Mike Carlson wrote:
How do you whitelist an IP address? I want to allow all email from a
specific IP address to pass through the filter without being tagged as 
spam.

I added all 4 IP addresses of the server to the trusted networks list,
but that didnt seem to do it.
Pretty much the only way I know of is to make a custom header rule that 
looks for a Received: header that came from that IP.

__________ NOD32 1.1022 (20050309) Information __________
This message was checked by NOD32 antivirus system.
 part000.txt - is OK
http://www.nod32.com