[luau] SpamAssassin Spoofing
Vince Hoang
luau at ml.altern8.net
Thu Aug 7 12:13:01 PDT 2003
On Thu, Aug 07, 2003 at 11:15:48AM -1000, Randall Oshita wrote:
> I put *@hpu.edu on the whitlist because I got some faculty
> complaining that they cannot send "load" emails from
> webexchange (html) out and gets tagged as spam.
Then forward all your spam to that faculty member. :)
All kidding aside, that is more a policy than a technical issue
to work out.
> If I write a MD rule wouldn't that be the same as whitelisting
> it? Or do you mean that a MD rule can look at headers to
> filter? Also, what gets read first the blacklist or the
> whitelist?
No. Whitelisting within SA subjects you to domain spoofing. With
MD, you setup a rule to reject all mail claiming to be from
hpu.edu, but coming from outside of hpu.edu's network. This
approach does require a comfortable grasp of perl.
I believe SA whitelists before blacklists.
-Vince
More information about the LUAU
mailing list