whitelist_to getting exploited

[Ramprasad]

On Fri, 2006-12-29 at 19:34 +1000, Res wrote:
> On Fri, 29 Dec 2006, Ramprasad wrote:
> 
> > In our setup where we do email scanning for our clients we have a
> > feature by which clients can opt-out some ids from spamscan
> >
> > So I use in Mailscanner.conf
> >
> > Spam Checks = spamcheck.rules
> >
> > This file has
> >
> > To: user-1 NO
> > default YES
> >
> > Now a spammer marks a mail to multiple people with user-1  in BCC and
> > the mail passes straight
> > How can I get rid of this problem. If I use the user_in_whitelist_to
> > feature at spamassassin then too I would have the same issue
> 
> MailScanner is doing exactly what you have told it to, you either 
> whitelist user-1 or you don't, you can extend this to using the
> format of 'from and to' but that will be a restricted list, unless you
> are going to waste time constantly adding all the people he wants mail 
> from in the 'and to' segment.
> 
> The cure  Ram is to remove him from the To: whitelist

But user-1 wants all mails including spam  , not others

For eg If I want to allow abuse at mydomain to get all mail without check 
someone sends a mail 
To:the_top_man at domain,abuse at domain 

Then this mail would bypass spam checks and reach the_top_man at domain 
Obviously this would be a concern to everyone , how are you folks
getting over this issue


Thanks
Ram