Custom function white/black list bug?

Julian Field MailScanner at ecs.soton.ac.uk
Sat May 20 23:00:51 IST 2006



Richard Lynch wrote:
> Julian Field wrote:
>
> {...snip...}
>
>>> I guess.  I've been using "default" for our_domain.  That way it 
>>> applies to our_domain and some of the other domains we handle.  I 
>>> did try putting abuse at our_domain in the 
>>> spam.bydomain/whitelist/our_domain file and it still didn't get 
>>> white listed.  It only started working when I added the...
>>>
>>> return 1 if $BlackWhite->{'default'}{$to};
>>>
>>> ...line of code to the function.
>> But the files are all users/domains/default recipients. Each line in 
>> a file gives an entry for the sender going to the user/domain/default 
>> specified by the filename.
> Yes, I understand.  That's why I modified the code with the line above 
> so that it would also check the recipient.
>
> {...snip...}
>>> Well it doesn't work for me unless I modify the code as indicated in 
>>> my original post.  In my case abuse at our_domain is the only 
>>> recipient.  Looking at the code I don't see a check for the "To:" 
>>> address in the default file.  I see a test for $from, $fromdomain, 
>>> and $ip.  I don't see a check for $to.  That's why I added the line 
>>> of code.
>> There isn't the $to check as the filenames are named after the 
>> recipient users/domains/default. The contents of each file lists the 
>> senders that are black/whitelisted for the addresses described by the 
>> filename.
>>
> So you're saying that the bydomain white list (and blacklist for that 
> matter) entries are all aimed at allowing/disallowing senders to 
> particular users/domains.  It has nothing to do with the recipient.
Yes. You are aiming to achieve something I didn't design the original to 
do, it was all intended for incoming mail to your customers. That's why 
you need to change it, you are trying to do something different.
>   (That's what I was attempting to achieve with my modification -- 
> which worked by the way.)
>
> This means there is no way for me to have a mailbox (abuse at wvnet.edu) 
> setup such that mail from anyone at anywhere to that address gets 
> delivered and not flagged as spam.
Correct.
>
>
> The problem is that I have people on the internet reporting spam 
> coming from our network by sending it to abuse at wvnet.edu.  However, 
> our helpdesk people never see it because it gets detected as spam and 
> deleted.  I tried putting abuse in the wvnet.edu file but it doesn't 
> work since this facility is looking for the sender (who could be 
> anyone) rather than the recipient (abuse at wvnet.edu).
Correct.
>
> I suppose I can get around this by coding a spamassassin rule that 
> gives a large positive value for mail going to abuse at wvnet.edu.  I 
> think I'll just handle it that way since I don't know the 
> ramifications of the mod to the code.
That sounds like an alternative way of doing it.

The other possibility, which is considerably faster, is to put a simple 
ruleset on "Spam Checks =" which says
    To: abuse at wvnet.edu no
    FromOrTo: default yes
As you see there is more than 1 way of achieving this aim.

Hopefully this helps sort you out without having to change any of my 
code at all, which is always better. I hate having to change people's 
code to achieve something, when there is another way of doing it. Code 
changes tend to make maintenance a nightmare in future years.

-- 
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.



More information about the MailScanner mailing list