SpamAssassin question
kbl at adept-hosting.net
kbl at adept-hosting.net
Sun Jun 22 03:41:09 UTC 2008
On Saturday 21 June 2008 14:58:48 doug at curreycentral.com wrote:
> I have been playing around trying to get SA working. So far things seem
> to be going fine except some spam does get delivered.
>
> The problem seems I have added a couple of my domains in the whitelisted.
> In the local.cf file "whitelist_from *@mydomain.com" problem is when
> someone forges the return address from my domain say "user at mydomain.com"
> the mail always gets delivered. As it should I guess. Anyway of limiting
> this. I can't believe its that easy to bypass SA.
>
> Not sure I am reading the headers right but isn't this message also
> failing RBL checks. If so should I disable them in SA and turn them on in
> Postfix?
>
> Anything else I should try?
Without digging into the SpamAssassin documentation, it occurs to me that you
may want to look at whitelisting on other headers. Its dead easy to spoof a
from: header but Received: and other headers are harder to spoof.
There's multiple approaches to using SpamAssassin. One of the simplest is to
just have SpamAssassin set the X-Spam-Level: header and sort email on that
header, all marked spam going to a spam folder. You review the spam folder
contents and delete when you are sure there are no false positivies.
Whitelisting (I believe) over-rides X-Spam-Level: and you are subject to how
sneaky the spammers are. Personally, I find X-Spam-Level: is much more
reliable than any whitelisting, etc., and a whole lot simpler. YMMV.
- ken
More information about the kubuntu-users
mailing list