Custom function white/black list bug?

Mon May 22 18:19:46 IST 2006

Richard Lynch spake the following on 5/20/2006 2:06 PM:
> Julian Field wrote:
> 
> {...snip...}
> 
>>> I guess.  I've been using "default" for our_domain.  That way it
>>> applies to our_domain and some of the other domains we handle.  I did
>>> try putting abuse at our_domain in the
>>> spam.bydomain/whitelist/our_domain file and it still didn't get white
>>> listed.  It only started working when I added the...
>>>
>>> return 1 if $BlackWhite->{'default'}{$to};
>>>
>>> ...line of code to the function.
>> But the files are all users/domains/default recipients. Each line in a
>> file gives an entry for the sender going to the user/domain/default
>> specified by the filename.
> Yes, I understand.  That's why I modified the code with the line above
> so that it would also check the recipient.
> 
> {...snip...}
>>> Well it doesn't work for me unless I modify the code as indicated in
>>> my original post.  In my case abuse at our_domain is the only
>>> recipient.  Looking at the code I don't see a check for the "To:"
>>> address in the default file.  I see a test for $from, $fromdomain,
>>> and $ip.  I don't see a check for $to.  That's why I added the line
>>> of code.
>> There isn't the $to check as the filenames are named after the
>> recipient users/domains/default. The contents of each file lists the
>> senders that are black/whitelisted for the addresses described by the
>> filename.
>>
> So you're saying that the bydomain white list (and blacklist for that
> matter) entries are all aimed at allowing/disallowing senders to
> particular users/domains.  It has nothing to do with the recipient. 
> (That's what I was attempting to achieve with my modification -- which
> worked by the way.)
> 
> This means there is no way for me to have a mailbox (abuse at wvnet.edu)
> setup such that mail from anyone at anywhere to that address gets delivered
> and not flagged as spam.
> 
> The problem is that I have people on the internet reporting spam coming
> from our network by sending it to abuse at wvnet.edu.  However, our
> helpdesk people never see it because it gets detected as spam and
> deleted.  I tried putting abuse in the wvnet.edu file but it doesn't
> work since this facility is looking for the sender (who could be anyone)
> rather than the recipient (abuse at wvnet.edu).
> 
> I suppose I can get around this by coding a spamassassin rule that gives
> a large positive value for mail going to abuse at wvnet.edu.  I think I'll
> just handle it that way since I don't know the ramifications of the mod
> to the code.  Thanks for the clarification.
> 
> Richard
> 
I hope you meant a large NEGATIVE value. A large positive value will really
make it disappear.

-- 

MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!