Scalability of 'spam.whitelist.rules' facility

Martin.Hepworth martinh at solidstatelogic.com
Mon May 21 11:47:14 IST 2007


Quentin

What about whitelisting via domain-keys for yahoo?

I've used this successfully.

--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> bounces at lists.mailscanner.info] On Behalf Of Quentin Campbell
> Sent: 21 May 2007 11:39
> To: MailScanner discussion
> Subject: RE: Scalability of 'spam.whitelist.rules' facility
>
> >-----Original Message-----
> >From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> >bounces at lists.mailscanner.info] On Behalf Of Randal, Phil
> >Sent: 21 May 2007 10:49
> >To: MailScanner discussion
> >Subject: RE: Scalability of 'spam.whitelist.rules' facility
> >
> >Is there no obvious pattern in the email addresses to be whitelisted?
>
> Phil
>
> Not usually. A large number may be from AOL or Yahoo accounts but I am
> not about to whitelist those domains!
>
> >
> >Or spamassassin rules they are falling foul of?
>
> As I said in my original mail we rely mostly now on the SA Bayesian
> filter score. If that gives a low score (<60% certainty, say) but a
> local rule pushes the score over the threshold then I will consider
> removing/modifying the local rule if its weighting is too aggressive.
>
> >
> >The problem with whitelisting "From:" email addresses is that this
will
> >let in spams spoofing these from addresses.
>
> Rarely a problem with individual addresses but a problem if I
whitelist
> domains such as 'ac.uk'.
>
> >
> >You should only really be using whitelist_from_rcvd,
> whitelist_from_spf,
> >whitelist_from_dkim etc in spamassassin.
>
> I was not aware of these features in SA. Not sure why they might help?
>
> Have not found SPF particularly useful given the very wide range of
> sources from which we receive genuine e-mail many of which do not
> advertise SPF records or they use 'softfail' when they do.
>
> >
> >Our spam.whitelist.rules only includes 127.0.0.1, nothing more.
> >
> >It looks like you're trying to work around another problem rather
than
> >trying to address root causes.
>
> What problems do you think we are trying to address?
>
> The main problem is the rather informal or juvenile nature of the
e-mail
> formats used by lots of young people corresponding with lots of other
> young people. Their messages tend to have some/lots of the
> characteristics of spam. That, coupled with the sending ISP perhaps
> being listed on one of the DNSBLs used by SA (_not_ the two DNSBLs we
> check during the SMTP exchange), makes it more likely that their
> messages achieve a score that is over the tagging threshold.
>
> Our recipients can usually set up a personal mail filter to catch mail
> from all their usual recipients whether MS tagged it or not. However
> they cannot be bothered to do this. Our Helpdesk staff who field all
> enquiries/complaints about false positives do not have the time to
> investigate each request to whitelist (more than 300 last week); they
> just add them to the file (using a web interface and CGI script I
> provide).
>
> Quentin
> ---
> PHONE: +44 191 222 8209    Information Systems and Services (ISS),
>                            Newcastle University,
>                            Newcastle upon Tyne,
> FAX:   +44 191 222 8765    United Kingdom, NE1 7RU.
> ------------------------------------------------------------------
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!




**********************************************************************
Confidentiality : This e-mail and any attachments are intended for the 
addressee only and may be confidential. If they come to you in error 
you must take no action based on them, nor must you copy or show them 
to anyone. Please advise the sender by replying to this e-mail 
immediately and then delete the original from your computer.

Opinion : Any opinions expressed in this e-mail are entirely those of 
the author and unless specifically stated to the contrary, are not 
necessarily those of the author's employer.

Security Warning : Internet e-mail is not necessarily a secure 
communications medium and can be subject to data corruption. We advise 
that you consider this fact when e-mailing us. 

Viruses : We have taken steps to ensure that this e-mail and any 
attachments are free from known viruses but in keeping with good 
computing practice, you should ensure that they are virus free.

Red Lion 49 Ltd T/A Solid State Logic
Registered as a limited company in England and Wales 
(Company No:5362730)
Registered Office: 25 Spring Hill Road, Begbroke, Oxford OX5 1RU, 
United Kingdom
**********************************************************************



More information about the MailScanner mailing list