Whitelisted when it shouldn't be
Matt Kettler
mkettler at evi-inc.com
Mon Jun 19 20:32:37 IST 2006
Christian Rasmussen wrote:
> I'm running version 4.54.6/Sendmail on FC3
>
> I'm seeing entries in my maillog showing whitelisted messages a couple
> of times a day from domains/IPs that I haven't whitelisted. Aside from
> the MailScanner/rules/spam.whitelist.rules (or any other file in that
> tree) is there anywhere else that MailScanner would get the idea that
> the message should be whitelisted? Everything else appears to be working
> just fine and the ones that are actually whitelisted do appear in the
> same manner.
>
>
> Any ideas/thoughts/pointers appreciated.
>
AFAIK, there's no other files that will cause this...
That said, first check your "Is Definitely Not Spam" setting in
MailScanner.conf. It should point to your spam.whitelist.rules like so:
Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules
If it's not set that way, check the file it is set to.
While you're at it, make sure rules-dir is set to the correct directory.
Something like this should be in your MailScanner.conf:
%rules-dir% = /etc/MailScanner/rules
After verifying MailScanner.conf is sane, I'd suggest running the following
greps in your rules directory:
#checking from=<pqwpzr at schwarb.com>
grep -i schwarb.com *
grep -i pqwpzr *
# checking: to=<ensure at ONE_OF_MY_DOMAINS>
grep -i ensure *
grep -i ONE_OF_MY_DOMAINS *
# checking: relay=cei175.neoplus.adsl.tpnet.pl [83.30.184.175]
grep -i neoplus *
grep -i adsl *
grep -i tpnet *
grep -i "83\.30\.184\." *
It's possible a From or To: rule isn't working quite as you expect, so this
should pull out all the relevant rules.
More information about the MailScanner
mailing list