p5-Mail-SpamAssassin-3.2.3 - manual whitelist_from broken
Stefan Lambrev
stefan.lambrev at moneybookers.com
Thu Aug 30 03:40:17 PDT 2007
Hello,
John Marshall wrote:
> Stefan Lambrev wrote:
>> Hello,
>>
>> I noticed that after upgrading spamassassin to the latest (in ports)
>> version, the manual whitelist is somehow broken.
>> In the previous version spamassassin detected forged "From" headers
>> without a problem, and even with "whitelist_from *@domain.com"
>> mails that are spam got caught.
>>
>> With the latest version of spamassassin the following example will
>> not be detected as spam:
>>
>> >telnet mailserver-spamprotected.com 25
>> >helo somedomain.com
>> >mail from: spoof at somedomain.com
>> >rcpt to: validuser at mailserver-spamprotected.com
>> >data
>> From: validuser at mailserver-spamprotected.com
>> some spam xxx.
>> .
>> >quit
>>
>> In this case whitelist_from *@mailserver-spamprotected.com is
>> triggered, and I'm pretty sure that wasn't the case in older versions
>> of spamassassin.
>>
>> Any ideas what has changed, and how I can restore the old behavior?
>>
>
> As far as I know, nothing has changed. What you are seeing is expected
> behaviour.
>
> "whitelist_from" should only be used as a last resort because it
> blindly trusts the (alleged) envelope sender address. The
> documentation warns about this:
> <http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Conf.html#whitelist_and_blacklist_options>
>
>
> Personally, I include the SPF plugin and use "whitelist_from_spf"
> entries wherever possible. Failing that (if sending domain doesn't
> publish SPF details) I use "whitelist_from_rcvd".
>
This document says that envelope_sender_header is used to check
whitelist_from - and I'm using postfix - it sets the "Return-path" header,
and I think the problem is that spamassassin no longer reads this.
I'll check if setting envelope_sender_header manually will change something.
--
Best Wishes,
Stefan Lambrev
ICQ# 24134177
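
The options named in this thread, side by side, as an added configuration sketch (not taken from either poster's setup). `partner.example`, `nospf.example`, the relay name and the `192.0.2.0/24` network are constructed placeholders; `mailserver-spamprotected.com` is the domain from the example above.

```conf
# local.cf -- added illustration; addresses and networks are placeholders.

# Weak: matches on the claimed sender address alone, so the forged
# "From: validuser@mailserver-spamprotected.com" in the telnet session
# quoted above is whitelisted. Left commented out on purpose.
# whitelist_from *@mailserver-spamprotected.com

# whitelist_from_spf is provided by the SPF plugin
# (the loadplugin line normally lives in init.pre).
loadplugin Mail::SpamAssassin::Plugin::SPF

# Declare your own relays, so that Received headers written by them are
# trusted and anything claimed by hosts before them is not.
trusted_networks  192.0.2.0/24
internal_networks 192.0.2.0/24

# As the post notes, Postfix records the envelope sender in Return-Path;
# name the header explicitly instead of relying on auto-detection.
envelope_sender_header Return-Path

# Whitelist only when the message also passes the sender domain's SPF record.
whitelist_from_spf *@partner.example

# Sender domain publishes no SPF: additionally require that the relay which
# handed the mail to a trusted host has reverse DNS under the given name.
whitelist_from_rcvd *@nospf.example mail.nospf.example
```

Running `spamassassin --lint` after editing reports syntax errors in the file before the change goes live.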