Hi, > Firstly, before you convert all these to whitelist_from_rcvd, perhaps you > ought to ask yourself whether you really need 1000 entries on your > whitelist.
I'm surprised you were the first to make that very comment, so thanks. > Does mail from these addresses actually get miscategorised as > spam, or would SA get it right without the whitelist? Mail was being tagged as spam, and the organization became concerned that others would be tagged, so it seemed anytime there was a high-profile external business contact that they couldn't risk being tagged, they had it added to the whitelist. The list used to be much larger until we spent quite a while (months and months) going through it with them to prune it. I don't doubt that if we removed a substantial amount of them that SA would do what's right, but there doesn't seem to be any scientific way to do that successfully. > Secondly, don't forget about whitelist_from_spf. If a domain has an SPF > record, this is a better solution than whitelist_from_rcvd as it avoids the > need for *you* to work out which are the outgoing servers. Is there a way to script that for the 1000 or so entries, to see which have SPF records? > Lastly, if you do use whitelist_from_rcvd, remember that there may be > multiple outgoing servers for a given domain, and worse they may change over > time. Yeah, I thought of that too, so it doesn't sound like that's going to work well here. Thanks, Alex