Re: Rule to detect same address in sender and receiver

[McDonald, Dan]

On Fri, 2009-05-08 at 12:05 +0200, Benny Pedersen wrote:
> On Thu, May 7, 2009 14:11, Matus UHLAR - fantomas wrote:
> > On 07.05.09 03:59, jida...@jidanni.org wrote:
> >> Ah ha, you can use something like
> >
> >> header FROM_SAME_AS_TO ALL=~/\nFrom: ([^\n]+)\n.*To: \1/sm
> >> > add spf to your domain
> >> But see e.g., http://david.woodhou.se/why-not-spf.html
> >
> > did I misread ot does the person blame SRS first and then reports he uses
> > it or something similar?
> 
> i find the why not spf funny, if spf rejects genie mails then spf is setup
> wroungly for the domain
> 
> and yes spammers can use spf to, so what ? :)
> 
> its still me that whitelist_from_spf in spamassassin

I like the whitelist_from_spf function.  I'd love a blacklist_unless_spf
function.  I know I can write individual meta rules for that, but this
would be easier to maintain.

So, instead of an abomination like this:
header __L_ML1       Precedence =~ m{\b(list|bulk)\b}i
header __L_ML2       exists:List-Id
header __L_ML3       exists:List-Post
header __L_ML4       exists:Mailing-List
header __L_HAS_SNDR  exists:Sender
meta   __L_VIA_ML    __L_ML1 || __L_ML2 || __L_ML3 || __L_ML4 || __L_HAS_SNDR
header __L_FROM_Y1   From:addr =~ m...@.]yahoo\.com$}i
header __L_FROM_Y2   From:addr =~ m...@yahoo\.com\.(ar|br|cn|hk|my|sg)$}i
header __L_FROM_Y3   From:addr =~ m...@yahoo\.co\.(id|in|jp|nz|uk)$}i
header __L_FROM_Y4   From:addr =~ m...@yahoo\.(ca|de|dk|es|fr|gr|ie|it|pl|se)$}i
meta   __L_FROM_YAHOO __L_FROM_Y1 || __L_FROM_Y2 || __L_FROM_Y3 || __L_FROM_Y4
header __L_FROM_GMAIL From:addr =~ m...@gmail\.com$}i
meta     L_UNVERIFIED_YAHOO  !DKIM_VERIFIED && __L_FROM_YAHOO && !__L_VIA_ML
priority L_UNVERIFIED_YAHOO  500
score    L_UNVERIFIED_YAHOO  2.5
meta     L_UNVERIFIED_GMAIL  !DKIM_VERIFIED && __L_FROM_GMAIL && !__L_VIA_ML
priority L_UNVERIFIED_GMAIL  500
score    L_UNVERIFIED_GMAIL  2.5

I would rather have:

blacklist_unless_auth   @gmail.com
blacklist_unless_auth   @yahoo.*

> 
> users migth get it one day :)
> 
-- 
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
www.austinenergy.com

signature.asc
Description: This is a digitally signed message part