Whitelist?? Working

Chan Min Wai dcmwai at AMTB-M.ORG.MY
Mon Sep 15 05:09:27 IST 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Antony Stone Ð0:
> On Sunday 14 September 2003 11:14 am, Chan Min Wai wrote:
> Okay, so these are the addresses you want to whitelist:
>
> Anything from samheng at pd.jaring.my
> Anything from gifts at amtb-m.org.my
> Anything to gifts at amtb-m.org.my
> Anything from *@amtb*
>
> (This last one looks a little too general to me, but anyway...)

I don't like the last one either but because most of our mail is using
Full 8Bit Header and Chinese, this make them always being identify as
spam. To avoide that I've to use this parten.

>>from=<amtbbudd at fnsrvlx4.fnbs.net.my>, size=1785, class=0, nrcpts=1,
>
> Okay, so the From address is amtbbudd at fnsrvlx4.fnbs.net.my - that doesn't
> match any of your rules, so it can only be whitelisted if the To envelope
> address is gifts at amtb-m.org.my
This is Hard, how am I going to do this?

>
> Please can you show us the *full* headers for this email, because I
suspect
> that the way you are using fetchmail means the To envelope address is not
> macthing your whitelist rule.
>
Return-Path: <amtbbudd at fnsrvlx4.fnbs.net.my>
Received: from localhost (localhost.localdomain [127.0.0.1])
        by Amitabhasrv.amtb-m.int (8.12.8/8.12.8) with ESMTP id h873tr3W015405
        for <gifts at localhost>; Sun, 7 Sep 2003 11:55:53 +0800
Received: from pop.amtb-m.org.my
        by localhost with POP3 (fetchmail-6.2.0)
        for gifts at localhost (single-drop); Sun, 07 Sep 2003 11:55:53 +0800 (MYT)
Received: from fnsrvlx4.fnbs.net.my ([202.9.109.254]) by
vdomain.fnbs.net.my ; Sun, 07 Sep 2003 11:53:47 +0800
Received: from fnsrvlx4.fnbs.net.my (fnsrvlx4.fnbs.net.my [127.0.0.1])
        by fnsrvlx4.fnbs.net.my (8.12.8/8.12.8) with ESMTP id h873rli3025903
        for <gifts at amtb-m.org.my>; Sun, 7 Sep 2003 11:53:47 +0800
Received: (from amtbbudd at localhost)
        by fnsrvlx4.fnbs.net.my (8.12.8/8.12.8/Submit) id h873rlsf025901;
        Sun, 7 Sep 2003 11:53:47 +0800
Date: Sun, 7 Sep 2003 11:53:47 +0800
Message-Id: <200309070353.h873rlsf025901 at fnsrvlx4.fnbs.net.my>
To: gifts at amtb-m.org.my
From: "&#37322; &#33714;" <rili33 at yahoo.com.cn>
Subject: {Spam?} ²
HË
Content-Type: text/html; charset=Big5
Content-Transfer-Encoding: 8bit
X-Rcpt-To: <gifts at amtb-m.org.my>
X-DPOP: Version number supressed
X-UIDL: 1062906950.1005
Status: U
X-www.amtb-m.org.my-MailScanner-Information: Please contact webmaster
<at> amtb-m.org.my for more information
X-www.amtb-m.org.my-MailScanner: Found to be clean
X-www.amtb-m.org.my-MailScanner-SpamCheck: spam, SpamAssassin (score=11.7,
        required 5, FROM_ENDS_IN_NUMS 0.74, HEADER_8BITS 1.18,
        HTML_10_20 1.36, HTML_MESSAGE 0.10, MAILTO_TO_SPAM_ADDR 0.38,
        MIME_HTML_ONLY 0.10, RCVD_IN_OSIRUSOFT_COM 0.55,
        SUBJ_FULL_OF_8BITS 4.30, X_OSIRU_OPEN_RELAY 2.90)
X-www.amtb-m.org.my-MailScanner-SpamScore: sssssssssss
>
>>SpamAssassin (score=11.7, required 5, FROM_ENDS_IN_NUMS 0.74,
>>HEADER_8BITS 1.18, HTML_10_20 1.36, HTML_MESSAGE 0.10,
>>MAILTO_TO_SPAM_ADDR 0.38, MIME_HTML_ONLY 0.10, RCVD_IN_OSIRUSOFT_COM
>>0.55, SUBJ_FULL_OF_8BITS 4.30, X_OSIRU_OPEN_RELAY 2.90)
>
> You should remove Osirusoft from yur RBL list - they are no longer in
> operation and will label *everything* as spam now.

I'm not sure what to do, here is my spam list in the configuration files
and I don't see a sight of OSIRU_RBL

Spam List = ORDB-RBL Infinite-Monkeys # MAPS-RBL+ costs money (except
.ac.uk)

Please tell me what to do.
>
> Basically I think it is fetchmail which is causing your problems.
Note that
> MailScanner's From and To rules match on the SMTP *envelope*
addresses, not
> the addresses in the From: and To: headers inside the email.

This fetchmail + dropmail box is causing me alot of problem :(
1st of all, it cause the smtp server to be a open relay (when sendmail
to user%spammer.com at amtb-m.org.my) to our Smart Host relay.

Now this problem...

I really need some luck on setting these things.

> 90% of network problems are routing problems.
> 9 of the remaining 10% are routing problems in the other direction.
> The remaining 1% might be something else, but check the routing anyway.

Hey This is ture, everytime I'm having a problem it is routing, (even if
it is routing of mail :)

- --
- ------------------------------
¬??è?x
Amitabha Buddhist Society (M)
16A, 1st Floor, Jalan Pahang,
53000, Kuala Lumpur,
Malaysia.

Tel:+603-40414101, 40452630
Fax:+603-40412172
WebPage: http://www.amtb-m.org.my
E-Mail: amtbmy at amtb-m.org.my
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/ZTt1V0p9slMZLW4RAtY1AJ9LSl5kRuvZao3Wp1yw3zIIrS9pOQCgtqXx
IJPgDm5PKScyKre1do3tUZM=
=OFEs
-----END PGP SIGNATURE-----

More information about the MailScanner mailing list