spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonas Eckerman <jonas_li...@frukt.org>
Subject Re: can we make AWL ignore mail from self to self?
Date Mon, 02 Jun 2008 11:02:34 GMT
Jo Rhett wrote:

>> And considering that SpamAssassin doesn't (in many configurations) 
>> even know what recipient address a message has, it might actually be 
>> easier than having the AWL ignore mail from self->self.

> It has to, for the AWL to work.

No, it hasn't. The AWL only uses the *senders* address and the IP 
address of the client. It doesn't use the recipients address.

The AWL helps discriminate between senders. Not sender->recipient 
pairs.

>> As long as the MSA adds authentication info in it's received header, 
>> this could be fetched from "X-Spam-Relays-Trusted" pseudo header. The 
>> changes to do this would not be more difficult or invlolved than the 
>> changes necessary to exempt self->self mail from the AWL AFAICS.

> Easy or not, I don't see the value just yet.

Including the authentication state in the AWL key would

1: Fix the problem you reported (unless I misunderstood you)

2: Fit with the current function of the AWL (discriminating 
between senders with no regard for recipient addresses).

> The AWL wouldn't work if it didn't know the recipient.  Since this is 
> something it stores in the AWL database we know that the recipient 
> information is there.

That's strange, considering that the AWL does work now, and it 
doesn't know the recipient.

Also, the AWL doesn't store the recipient address in the database.

If you use SQL base AWL, Mail::SpamAssassin::SQLBasedAddrList 
will store a username in the database, but neither 
Mail::SpamAssassin::Plugin::AWL nor 
Mail::SpamAssassin::AutoWhitelist knows anything about that AFAICS.

Also, the username in the database might or might not be the 
recipients address or username. This depends entirely on how the 
system is setup. Here it is either "mdf" or "spamd", and never 
the recipients address or local username (the local users aren't 
on the same machine as SA, so it knows nothing about them).

> You've presented good logic for acceping mail from self to self.  But 
> you haven't explained by using the AWL for mail from self to self is 
> better than not having it.

Because it can help discriminate between spam and ham addressed 
from self to self. Heres an example:

StupidWebService send self->self addressed ham from relay 1.2.3.4

EvilSpammer send self->self addressed spam from relay 5.6.7.8 
(wich, unfortunately, belongs to a big ISP so the relay doesn'ät 
get blocked).

One day StupidWebService send a ham that triggered a bunch of 
positive hits (including BAYES_99). Since mail from self@1.2 has 
a negative score in the AWL, the mail gets though all right.

One day EvilSpammer manages to send a mail that doesnät hit any 
positive rules, but does hit BAYES_00. Since self@5.6 has a high 
positive score in the AWL, the mail still gets flagged as spam.

If the AWL ignore mail from self->self, the two mails in the 
above example would have been misclassified.

Regards
/Jonas
-- 
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/


Mime
View raw message