Everyone gets written to .spamassassin/auto-whitelist file

[Tritech]

Hi,
I'm seeing some strange behavior that perhaps you can suggest how to fix or at least explain.

I have spamassassin enabled on a user account and a file is automatically being created named:
~/.spassassin/auto-whitelist

This file seems to get populated with the e-mail addresses of everyone that ever mails TO this account (including ones which turn out to be spam... not sure if they were scored as spam, though). I do not want this behavior. It would be be fine if the e-mail addresses that I send things to get auto-whitelisted, but not the ones I receive... otherwise spamassassin quickly becomes ineffective.

the only related directive I have in my user_prefs file is:
whitelist_from *.edu
But, as I said, every e-mail sender's address ends up in the auto-whitelist file.

How can this be fixed, either at the user level or at the cPanel host level?

Thanks!
Andrew

[Tritech]

No one replied to my post...

And I still do not have an explanation of this bogus problem

But at least I can post a method to turn off the auto-whitelist that contains all the bogus e-mail addresses:

end-users can include the following line in their
~/.spamassassin/user_prefs file:

use_auto_whitelist 0

and then they can delete the existing auto-whitelist file and it will not be recreated.