From: <[EMAIL PROTECTED]>
On Sun, January 29, 2006 12:50 am, jdow said:
From: <[EMAIL PROTECTED]>
In my setup (SA 3.1.0) I've done some tweaking here and there, but I'm
not
expert enough, nor smart enough to understand the cryptic nature of PHP
(cryptic to me, at least) and the SA rules.
When an email is spoofed as being from me and to me, the score is -100
(+-
the other rules caught) as being in the whitelist. I have a database of
email users of about 4000 and wrote a script that goes through them on
command and builds my whitelist.
I'm on Redhat v8.0, PHP v4.2.2-8.0.5, sendmail v8.12.5-7
1) It's whitelist_from_rcvd you want.
2) It's should not be necessary to whitelist your own site. If it is then
investigate what aspects of your email load are causing the hits. Then
take the proper remedial action.
Okay, I've looked at whitelist_from_rcvd and added for email addresses on
my site. The format I'm using is:
whitelist_from_rcvd [EMAIL PROTECTED] mydomain.com
I'll watch and see if anymore of these fail to get tagged as spam.
I'm confused on how to take proper remedial action because I'm not sure
what to look for on item #2 above. Please point me in the right direction
and I'll get the rest of the work myself.
Do you see ALL_TRUSTED in all or most of the email received? If so your
trust path is toast and many of the header consistency checks won't work
right. As far as other issues, my brain's not functioning well at the
moment. Migraine's do that to me. But I do note that it's fairly obvious
when an email has forged an Earthlink address. So perhaps catching it
here is easier than for you. I do not have anything at Earthlink whitelisted
at all. But then, the ALL_TRUSTED which honest Earthlink.net email gets
is an effective whitelist, anyway. I don't mind that most of the Earthlink
sales offers and such get clobbered by the spam filtering. {^_-}
{^_^}
