whitelist_to getting exploited

John Van Ostrand john at netdirect.ca
Fri Dec 29 15:28:53 CET 2006

On Fri, 2006-12-29 at 19:34 +1000, Res wrote:
> On Fri, 29 Dec 2006, Ramprasad wrote:
> > Now a spammer marks a mail to multiple people with user-1  in BCC and
> > the mail passes straight
> > How can I get rid of this problem. If I use the user_in_whitelist_to
> > feature at spamassassin then too I would have the same issue
> MailScanner is doing exactly what you have told it to, you either 
> whitelist user-1 or you don't, you can extend this to using the
> format of 'from and to' but that will be a restricted list, unless you
> are going to waste time constantly adding all the people he wants mail 
> from in the 'and to' segment.
> The cure  Ram is to remove him from the To: whitelist

Have you considered using "Use Default Rules With Multiple Recipients =

If that's a problem because you want an absolute whitelist on emails to
that user then there are sendmail techniques I've heard of split
messages when addressed to multiple recipients.

John Van Ostrand                       Net Direct Inc.
CTO, co-CEO                   564 Weber St. N. Unit 12
                                  Waterloo, ON N2L 5C6
john at netdirect.ca                     ph: 518-883-1172 x5102
Linux Solutions / IBM Hardware        fx: 519-883-8533

More information about the MailScanner mailing list