To whitelist or not...

[James Gray]

Hi All,

Here's the situation.  We don't do any spam scanning in MailScanner (RBL's 
etc) - we handle all spam filtering in SpamAssassin.  MailScanner then does 
all the virus/attachment/phishing/etc checks.

Up until recently, we've been adding addresses to the spam.whitelist.rules 
to exempt messages from being flagged as spam.  We don't deliver 
spamassassin reports in the headers so the only thing this did was add to 
our rule hit counts in MailWatch.

I've done an experiment.  I've created a rule set for the "Use SpamAssassin" 
config option and moved a few of the whitelisted addresses into there with 
a "no" action.  IOW, the "use.sa.rules" file looks like this:
From:      whitelist_add1 at domain               no
From:      whitelist_add2 at another-domain       no
FromOrTo:  default                             yes

We get a LOT of mail from these whitelisted addresses (they are 
notifications and messages generated by our systems and our customers' 
systems) and consequently add a nontrivial amount of load.

My thinking is that by stopping them from going through SpamAssassin I'll 
reduce the load, and still achieve the desired effect of "whitelisting" 
them.  I still want the virus/attachment/etc checking done, just none of 
the spam stuff.  It appears to be working as I want but I'm not sure if 
I've missed something important.

Have I missed something?  Or is this a reasonable approach?

Cheers.

James
-- 
The joys of love made her human and the agonies of love destroyed her.
		-- Spock, "Requiem for Methuselah", stardate 5842.8
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20060316/9007338f/attachment.bin