[H-GEN] Spamassassin whitelist_from not working?
Stephen Thorne
stephen at thorne.id.au
Thu Feb 12 18:02:06 EST 2009
On 2009-02-13, David Duffy (AVD) wrote:
> OK, I've worked out what is happening. I was getting spam that had
> forged email addresses in our own domain. They were getting a large
> negative spam score applied which lets them pass as valid (not spam) emails.
>
> I had zeroed the score for user_in_whitelist, forgetting that this would
> affect all the whitelist_from rules I had added.
>
> So, how can I reject the emails with a forged email address (our domain)
> but still use the whitelist?
A technique that can work effectively for this kind of spam is to set up
SPF for your domain, and enforce SPF for your domain (and not other
domains), rejecting all mail from mail servers for your domain that you
don't approve.
SPF, aka, 'Sender Policy Framework' isn't a very popular, or very
useful, anti-spam technique, but it's quite effective if you enforce it
upon yourself.
Notes:
- Make sure no one sends mail From: your domain using mailservers that
aren't listed in the spf record.
- I recommend using SMTP Auth on 'submission' port 563 on all laptops
and hosts that are outside your network to send email.
- Make sure any webservers that send automated mail are either listed
in the spf record or set up to use your mail infrastructure to relay
mail.
--
Regards,
Stephen Thorne
Development Engineer
NetBox Blue - 1300 737 060
NetBox Blue is proud to be a sponsor and exhibitor at IBM's Solutions
Showcase 2009 events. These are held in Perth, Adelaide, Brisbane, Sydney and
Melbourne in February and March.
For more details and to register please visit:
http://www.ibm.com/solutionsshowcase/au
Scanned by the NetBox from NetBox Blue
(http://netboxblue.com/)
More information about the General
mailing list