SpamAssassin question

doug at curreycentral.com doug at curreycentral.com
Sat Jun 21 20:58:48 UTC 2008 

I have been playing around trying to get SA working.  So far things seem
to be going fine except some spam does get delivered.

The problem seems I have added a couple of my domains in the whitelisted. 
In the local.cf file "whitelist_from  *@mydomain.com" problem is when
someone forges the return address from my domain say "user at mydomain.com"
the mail always gets delivered. As it should I guess.  Anyway of limiting
this.  I can't believe its that easy to bypass SA.

Not sure I am reading the headers right but isn't this message also
failing RBL checks.  If so should I disable them in SA and turn them on in
Postfix?

Anything else I should try?

Here is the message headers.
----------------------------------------------------------
Return-Path: <doug at curmudgeon.org>
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on
     ddc1.mydomain.com
X-Spam-Level:
X-Spam-Status: No, score=-74.8 required=5.0 tests=DIGEST_MULTIPLE,
     HTML_IMAGE_ONLY_20,HTML_MESSAGE,HTML_SHORT_LINK_IMG_3,MIME_HTML_ONLY,
     PYZOR_CHECK,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,
     RCVD_IN_PBL,RCVD_IN_SORBS_DUL,URIBL_AB_SURBL,URIBL_JP_SURBL,URIBL_OB_SURBL,
     URIBL_SBL,URIBL_SC_SURBL,URIBL_WS_SURBL,USER_IN_WHITELIST autolearn=no
     version=3.2.4
X-Spam-RBL-Results: <dns:3.247.185.79.zen.spamhaus.org> [127.0.0.11]
     <dns:curmudgeon.org> [216.218.174.137]
     <dns:curmudgeon.org.bl.open-whois.org> [208.67.217.132]
     <dns:3.247.185.79.dnsbl.sorbs.net> [127.0.0.10]
     <dns:curmudgeon.org?type=MX> [1 curmudgeon.org.]
X-Original-To: myuser at mydomain.com
Delivered-To: myuser at mydomain.com
Received: from ddc1.mydomain.com (localhost [127.0.0.1])
     by ddc1.mydomain.com (Postfix) with ESMTP id 7767A152ABA
     for <myuser at mydomain.com>; Sat, 21 Jun 2008 09:05:01 -0400 (EDT)
Received: from tkaczuk-7rrh0j1 (aduj3.neoplus.adsl.tpnet.pl [79.185.247.3])
     by ddc1.mydomain.com (Postfix) with SMTP id BD1B0152AB9
     for <myuser at mydomain.com>; Sat, 21 Jun 2008 09:05:00 -0400 (EDT)
Content-Return: allowed
X-Mailer: CME-V6.5.4.3; MSN
Message-Id: <20080621040216.4888.qmail at tkaczuk-7rrh0j1>
To: <myuser at mydomain.com>
Subject: Dear myser at mydomain.com June 81% 0FF
From: VIAGRA ® Official Site <myuser at mydomain.com>
MIME-Version: 1.0
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Date: Sat, 21 Jun 2008 09:05:00 -0400 (EDT)
X-Virus-Scanned: ClamAV using ClamSMTP

---------------------------------------------------------------------

More information about the kubuntu-users mailing list