Discussion:
[Mimedefang] score USER_IN_WHITELIST_TO
Marcus Schopen
2017-11-20 12:59:30 UTC
Permalink
Hi,

setting

whitelist_to

in sa-mimedefang.cf seems to hit

score USER_IN_WHITELIST_TO -6.0 # they want some spam

spamassassin score, so the score is reduced by a value of 6.0.


How do I hit the -100 score

score USER_IN_WHITELIST -100.0

using sa-mimedefang.cf?

Ciao
Marcus


_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list ***@lists.roaringpenguin.com
http://lists.roaringpenguin.co
Kris Deugau
2017-11-20 21:41:43 UTC
Permalink
This post might be inappropriate. Click to display it.
Bill Cole
2017-11-21 15:32:39 UTC
Permalink
Post by Kris Deugau
USER_IN_WHITELIST_TO applies to all mail for a given recipient; IMO
it's a crude hack to work around cases where whatever is calling SA
can't use the SA userprefs system to just change the threshold
instead.
It is very useful for protecting role aliases (e.g. abuse, postmaster)
that are mapped to targets (e.g. root or an off-system address) that
should not generally be left unprotected.

It also is useful to allow end users to create ad hoc tagged addresses
on the fly that get more lenient treatment without needing to create any
per-address config on the server. If the tag (or in some cases, the
whole local-part for a 1-user virtual domain) matches a specific
pattern, it is given a pass round the insane local blacklist and a
SpamAssassin bonus. Users can kill a particular tagged address by moving
mail to that address into a special IMAP mailbox. This is far simpler
than training users to manage a user_prefs file or database record.
--
Bill Cole
***@scconsult.com or ***@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list ***@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailm
Marcus Schopen
2017-11-22 20:16:39 UTC
Permalink
Post by Bill Cole
Post by Kris Deugau
USER_IN_WHITELIST_TO applies to all mail for a given recipient; IMO
it's a crude hack to work around cases where whatever is calling SA
can't use the SA userprefs system to just change the threshold instead.
It is very useful for protecting role aliases (e.g. abuse, postmaster)
that are mapped to targets (e.g. root or an off-system address) that
should not generally be left unprotected.
This is what I want to use it for: postmaster@ and abuse@

Ciao!


_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list ***@lists.roaringpenguin.com
http://li
Kris Deugau
2017-11-22 21:39:49 UTC
Permalink
Post by Bill Cole
Post by Kris Deugau
USER_IN_WHITELIST_TO applies to all mail for a given recipient; IMO
it's a crude hack to work around cases where whatever is calling SA
can't use the SA userprefs system to just change the threshold instead.
It is very useful for protecting role aliases (e.g. abuse, postmaster)
that are mapped to targets (e.g. root or an off-system address) that
should not generally be left unprotected.
Right, sorry, I forgot about those kind of cases (even in the man page
IIRC). I've always excluded those by just not passing their mail to SA
- either because of some magic in my MIMEDefang setup, or by disabling
the call to SA at final delivery to a mailbox.

You can set the score for this the same as any other rule, by adding
this to sa-mimedefang.cf:

score USER_IN_WHITELIST_TO -100

Note that this affects *all* whitelist_to entries; there is no way to
selectively set a different score for each one. If you need to do that,
you probably need to make larger changes in the mail flow for those
recipients so you can bypass SA entirely, or process it but deliver as
usual instead of quarantining for those recipients.

-kgd
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list ***@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo
Bill Cole
2017-11-22 23:57:46 UTC
Permalink
On 22 Nov 2017, at 16:39 (-0500), Kris Deugau wrote:
[...]
Post by Kris Deugau
Right, sorry, I forgot about those kind of cases (even in the man page
IIRC). I've always excluded those by just not passing their mail to
SA - either because of some magic in my MIMEDefang setup, or by
disabling the call to SA at final delivery to a mailbox.
You can set the score for this the same as any other rule, by adding
score USER_IN_WHITELIST_TO -100
Note that this affects *all* whitelist_to entries; there is no way to
selectively set a different score for each one. If you need to do
that, you probably need to make larger changes in the mail flow for
those recipients so you can bypass SA entirely, or process it but
deliver as usual instead of quarantining for those recipients.
Not wanting to seem argumentative for its own sake or turn this into
<spamassassin-***@apache.org>, but this is from one of my local config
files:

# Default is -6 but this is a more useful value
score USER_IN_WHITELIST_TO -3
# Default is -20 but that's too much for most exposed accounts
score USER_IN_MORE_SPAM_TO -10.000
# Default is -100 but "all" really shouldn't extend that far. There are
limits...
score USER_IN_ALL_SPAM_TO -40.000

Because as 'perldoc Mail::SpamAssassin::Conf' explains:

There are three levels of To-whitelisting, "whitelist_to",
"more_spam_to" and "all_spam_to". Users in the first level may
still get some spammish mails blocked, but users in "all_spam_to"
should never get mail blocked.

I use this to both protect role addresses and (in conjunction with
Postfix config) to provide users with multiple flavors of tagged
addresses that get different levels of protection from my draconian
local SA rules and the local DNSBL (not queryable from outside although
idiots do try) which lists space used by a whole lot of perfectly
innocent people (literally billions) and more than a few part-time
miscreants (e.g. SendGrid, MailChimp, etc.)
--
Bill Cole
***@scconsult.com or ***@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list ***@lists.roaringpenguin.com
http://list
Continue reading on narkive:
Loading...