{Disarmed} Confusion regarding whitelisting... (scan.messages.rules vs. spam.whitelist.rules?)

Julian Field MailScanner at ecs.soton.ac.uk
Mon Jul 16 21:49:19 IST 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Rick Tait wrote:
> Hi all,
>
> I am suffering a little bit of confusion regarding whitelisting, and I 
> am hoping that someone can help me out. I'm sure its very simple.
>
> I am trying to make sure that certain emails are NOT spam-checked ( 
> i.e. whitelisted). It is my understanding that I can use the "Scan 
> Messages" directive for this.
If you use that, it will not virus-scan them either. If you just want to 
stop spam checks, use "Spam Checks" for doing this.
> OK, so the email address I want to be whitelisted is: *MailScanner has 
> detected a possible fraud attempt from "gort.flamingangelfilms.com" 
> claiming to be* jeffgund at infolist.com 
> <http://gort.flamingangelfilms.com/sqmail/src/compose.php?send_to=jeffgund%40infolist.com>.
>
> So the appropriate parts of my MailScanner.conf are:
>
> Scan Messages = %rules-dir%/scan.messages.rules
> Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules
> Is Definitely Spam = %rules-dir%/spam.blacklist.rules
>
> And in my /etc/MailScanner/rules/scan.messages.rules, I have the 
> following (which I understand tells MailScanner NOT to scan messages 
> from this address, but then scan all others):
>
> From: jeffgund at infolist.com <mailto:jeffgund at infolist.com>  no
> ToOrFrom: default yes
>
> Contents of /etc/MailScanner/rules/spam.whitelist.rules:
> FromOrTo:       default         no
>
> Contents of /etc/MailScanner/rules/spam.blacklist.rules:
> (empty)
>
> I have restarted MailScanner, but the emails from this user are still 
> being marked as SPAM! From the headers I can see:
Check that the envelope sender address is really where the message is 
claiming to come from, for starters.
>
> *X-MailScanner-SpamCheck:* spam, SpamAssassin (not cached, score=6.58,
>      required 4.8, BAYES_40 2.00, HTML_40_50 0.50, HTML_MESSAGE 0.00,
>      HTML_MIME_NO_HTML_TAG 1.08, MIME_HTML_ONLY 0.00,
>      UNPARSEABLE_RELAY 3.00)
>
> I am very confused as to why this is not being whitelisted. I 
> initially had a similar entry in 
> /etc/MailScanner/rules/spam.whitelist.rules but that did not seem to 
> work either.
>
> What am I doing wrong?
>
> For simple whitelisting, i.e. please never check emails from 
> foo at foo.com <mailto:foo at foo.com> or *@*.foo.com, what is the correct 
> procedure? spam.whitelist.rules or scan.messages.rules ?
>
> Thank you all in advance!
>
> -Rick.
>

Jules

- -- 
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)
Charset: ISO-8859-1

wj8DBQFGm9nQEfZZRxQVtlQRAuCJAJ9j6IiEcuEXqX1UXK9wyubTCwWVTgCeNt6Y
FYBZAykwJkk+SEDDF0Y8APU=
=UQKF
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk

More information about the MailScanner mailing list