The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Does the SpamAssassin whitelist work?

Discussion in 'General Discussion' started by davebach, May 31, 2004.

  1. davebach

    davebach Registered

    Joined:
    Jan 21, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I have SpamAssaassin enabled and have an email address used for a form on my website in the SpamAssaassin whitelist, but email to that address is still flagged as spam occasionally.

    Everything is configured like this: SpamAssaassin is enabled. Anything above 5 is considered spam. The address formaddress@myserver.com is on the SpamAssaassin whitelist. All mail is received, checked by SpamAssassin and forwarded to my primary email account, where a cpanel filter discards anything scoring higher than a 10.

    Email from formaddress@myserver.com is passing through SpamAssaassin, but it is not left alone even though its on the whitelist. If I use enough 'organ enlarging' words, it will easily score a 7 (also because the 'From' and 'Received' headers don't match, since a cgi script sends the email from my server).

    I was under the impression that the whitelist would cause SpamAssassin to bypass filtering the mail and just send it on its way, or at least score it a 0. Does the SpamAssassin whitelist work?

    Dave
     
  2. charlie

    charlie Member

    Joined:
    Aug 19, 2001
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    The WHITELIST_TO feature works, but not as you would expect. All e-mails, even those in the whitelist are scanned and scored. Negative scores are applied to the whitelisted e-mails.
    Example: An e-mail that gets a spam score of 14 will get 6 points subtracted if it is in the whitelist. The final score will be 8, still high enough to trip your SA as spam.

    Spam Assassin has three rules that allow some spam, more spam and all spam to be received by addresses you add to the three lists.

    The three lists and their default scores are
    WHITELIST_TO -6
    MORE_SPAM_TO -20
    ALL_SPAM_TO -100

    As you can see "whitelist_to" is really a "let some spam through" list. All_spam_to" is the real whitelist.

    Three choices To solve your problem
    1. In your user_prefs file, change the WHITELIST_TO score to -100
    score whitelist_to -100
    OR
    2. Put the address in the ALL_SPAM_TO list
    all_spam_to address@yourdomain.com
    OR
    3. Fix the formmail script so that it scores low without the address needing to be on any list. This is more important when a script generated e-mail goes somewhere besides your own domain. Someone else is not likely to have your form address whitelisted (or all_spam_to listed).

    Most high spam scores from script generated emails come from having no MIME type, "Short" Message ID, and no "from" address.I alway have the script generate a message ID header, add a "from" header, and a mime type header.
    Look through the SA tags in the headers for hints on where you can reduce the score for that script.

    Hope this clears it up a bit.
     
  3. davebach

    davebach Registered

    Joined:
    Jan 21, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Thanks for the help. I first tried "score whitelist_to -100" but it did not work... it never showed up in the header when I looked at the received email.

    But "all_spam_to" with the addresses I use in my forms worked fine. This is OK in my circumstance because the addresses are not public and are not passed to formmail as a hidden value (I use a modified version of formail that adds my domain to the email value). This setting actually gives the email a -100 score before normal filtering.

    Dave
     
  4. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    When you say the "primary email account", do you mean your username email account? I thought email filters were processed before Spamassassin (and therefroe didn't work) for the username accounts.
     
  5. davebach

    davebach Registered

    Joined:
    Jan 21, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Sorry, probably not the best terminology to use there... no, not the username/login account, an additional email account that is also assigned as the 'default' address. This always seemed to be a good thing to do even before I turned on SA... this way your login password isn't thrown around so much.

    Dave
     
Loading...

Share This Page