Nelson Serafica wrote: > I'm using spamassassin 3.2.5. <http://3.2.5.> Now, I must a > whitelist_from containing [EMAIL PROTECTED] <http://foo.com> in my local.cf > <http://local.cf>. > > However, there are still 1 email that has been tagged as spam. In my > understanding, if a domain was in whitelist_from, even if it was > tagged as spam, it will delivered to the recipient. First, be aware that SpamAssassin itself does not directly cause messages to be deleted, rejected, or otherwise alter delivery. SpamAssassin itself *ONLY* tags. The way it inserts itself into the mail chain is very flexible, but gives SA no direct power over message delivery, so tagging is the only thing it can possibly do. If it were to try to delete the message, most mail tools would assume SA had crashed and recover the original, unscanned message and deliver that.
Therefore, there is nothing in the SpamAssassin configuration that can cause a message to be delivered "even if it is tagged as spam". SA can only tag, or not tag. whitelist_from causes messages to be hit with a -100 point rule named USER_IN_WHITELIST. This large negative score makes it more-or-less impossible for the message to be tagged as spam. Pretty much the only way to get SA to tag it when matching a whitelist would be to put a GTUBE test signature into the message. Your previously posted example was working perfectly, in that the whitelist configuration caused SA to match USER_IN_WHITELIST, which generated a hugely negative score, and therefore was not tagged as spam. That's exactly what it should do. If you've got something else that deletes mail when SA tags messages, then that is the tool you'd need to configure if you want the message to get tagged as spam, but still be delivered. Reconfiguring SA can't change this, because SA doesn't (and in fact can't) delete the messages. > I restart the spamd after I edit local.cf <http://local.cf> so it must > take effect. > > Is this the right way to whitelist? As I check, when using 3.2.5, this > is the right way of whitelisting a domain. whitelist_from is never the "right" way to do anything. It is horribly easy to forge. Use whitelist_from_rcvd, or preferably, whitelist in your tools that call SA, bypassing it entirely and saving CPU time.