Whitelisted when it shouldn't be

Matt Kettler mkettler at evi-inc.com
Mon Jun 19 20:32:37 IST 2006

Christian Rasmussen wrote:
> I'm running version 4.54.6/Sendmail on FC3 
> I'm seeing entries in my maillog showing whitelisted messages a couple
> of times a day from domains/IPs that I haven't whitelisted. Aside from
> the MailScanner/rules/spam.whitelist.rules (or any other file in that
> tree) is there anywhere else that MailScanner would get the idea that
> the message should be whitelisted? Everything else appears to be working
> just fine and the ones that are actually whitelisted do appear in the
> same manner.

> Any ideas/thoughts/pointers appreciated.

AFAIK, there are no other files that will cause this...

That said, first check your "Is Definitely Not Spam" setting in
MailScanner.conf. It should point to your spam.whitelist.rules like so:

Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules

If it's not set that way, check the file it is set to.

While you're at it, make sure rules-dir is set to the correct directory.
Something like this should be in your MailScanner.conf:

%rules-dir% = /etc/MailScanner/rules

After verifying MailScanner.conf is sane, I'd suggest running the following
greps in your rules directory:

#checking from=<pqwpzr at schwarb.com>
grep -i schwarb.com *
grep -i pqwpzr *

# checking: to=<ensure at ONE_OF_MY_DOMAINS>
grep -i ensure *

# checking: relay=cei175.neoplus.adsl.tpnet.pl []
grep -i neoplus *
grep -i adsl *
grep -i tpnet *
grep -i "83\.30\.184\." *

It's possible a From or To: rule isn't working quite as you expect, so this
should pull out all the relevant rules.
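
The three checks from the reply above (the "Is Definitely Not Spam" setting, %rules-dir%, then the greps) combined into one script, as an added example that is not part of the original post. It assumes both settings appear as "Key = value" lines as shown above; the function names and the sample files are constructed for illustration. Unlike the greps above, it searches only the file the setting resolves to and matches terms as fixed strings, so dots in an IP prefix need no escaping.

```shell
#!/bin/sh
# Added example, not from the original post.

# Print the value of the first "Key = value" line for <key> in <conf>.
conf_value() {  # conf_value <conf> <key>
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        head -n 1 | sed 's/[[:space:]]*$//'
}

# Resolve "Is Definitely Not Spam" to a path, expanding a leading %rules-dir%.
whitelist_file() {  # whitelist_file <conf>
    rules_dir=$(conf_value "$1" '%rules-dir%')
    setting=$(conf_value "$1" 'Is Definitely Not Spam')
    case $setting in
        "%rules-dir%"*) printf '%s\n' "$rules_dir${setting#"%rules-dir%"}" ;;
        *)              printf '%s\n' "$setting" ;;
    esac
}

# Print "line-number:rule" for each active (non-comment) line in the resolved
# ruleset that mentions any of the terms, case-insensitively.
find_rules() {  # find_rules <conf> <term>...
    conf=$1; shift
    file=$(whitelist_file "$conf")
    [ -r "$file" ] || { echo "cannot read ruleset: $file" >&2; return 2; }
    for term in "$@"; do
        grep -inF -- "$term" "$file" | grep -v '^[0-9]*:[[:space:]]*#' || true
    done | sort -t: -k1,1n -u
}

# Constructed sample configuration and ruleset (not real data).
demo=$(mktemp -d)
mkdir "$demo/rules"
cat > "$demo/MailScanner.conf" <<EOF
%rules-dir% = $demo/rules
Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules
EOF
cat > "$demo/rules/spam.whitelist.rules" <<'EOF'
# From: 83.30.184. yes   (commented out, so not reported)
From:      127.0.0.1     yes
From:      83.30.184.    yes
FromOrTo:  default       no
EOF

# Terms taken from the maillog entry discussed above.
find_rules "$demo/MailScanner.conf" schwarb.com pqwpzr neoplus 83.30.184.
rm -rf "$demo"
```
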

