Jack Gostl wrote:
>
> ----- Original Message ----- From: "Matt Kettler"
> <[EMAIL PROTECTED]>
> To: "Jack Gostl" <[EMAIL PROTECTED]>
> Cc: "spam" <users@spamassassin.apache.org>
> Sent: Thursday, December 06, 2007 8:19 PM
> Subject: Re: whitelist
>
>
>> Matt Kettler wrote:
>>> Jack Gostl wrote:
>>>
>>>> I have an odd problem. I have a user receiving spam from something
>>>> like
>>>> [EMAIL PROTECTED] Since he does business with
>>>> verybigcompany.com,
>>>> he had them in his white list, and as expected, the spam slipped
>>>> through.
>>>>
>>>> Based on the advice I got in this newsgroup, I changed him from a
>>>> straight:
>>>>
>>>> whitelist_from [EMAIL PROTECTED]
>>>>
>>>> to
>>>>
>>>> whitelist_from_rcvd [EMAIL PROTECTED] verybigcompany.com
>>>>
>>>> I think I did that right. So now the odd thing is that spam from
>>>> verybigcompany.com is coming through on my PERSONAL account even
>>>> though its
>>>> not in my whitelist. The headers show that this is a "user in
>>>> whitelist"
>>>> situation. It may be happening to others, I haven't checked, but
>>>> its weird
>>>> enough that its happening to me.
>>>>
>>>> Now if I haven't confused everyone, I'm open to ideas.
>>>>
>>> Have you checked *all* the "from like" headers to see if any of them
>>> match your whitelist. (ie: return-path, envelope-sender, etc, etc, etc)
>>>
>>> Have you tried running the same message through spamassassin -D to see
>>> which exact address SA matched against?
>>>
>>>
>>>
>>
>> One other thing to check.. if you use spamd you're probably subject to
>> this bug:
>>
>> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4179
>
> This looks close enough to worry. I'm not used to reading those
> bugzilla reports. Is there a fix? Would I have to upgrade to the
> current release?
>
>
>
No, there's no published fix yet, but there's a patch targeted to go
into the next 3.2.x release if it gets enough votes from the PMC.
