Re: Dan Bernstein's issues about namedroppers list operation

[ned.freed@mrochek.com]

> At Fri, 10 Jan 2003 08:41:17 -0800 (PST), Ned Freed wrote:
> >
> > It would be good for any use of spamassassin that discards messages outright
> > to employ a substantial whitelist, perhaps including the addresses of every
> > list member.

> Unfortunately, due to the spammers (well, the virus posters, anyway)
> having gotten wise to member only posting restrictions, this doesn't
> quite work either.

I keep hearing anecdotal claims that the spammers are doing this, but I've
never actually encountered one myself or seen a documented case.

I believe the case of virus propogation is really something different. What
happens there is that someone gets infected and sends mail to every address
they have lying around, including the addresses of the lists they are on. In
such a case often as not the message come from their subscription address,
and therefore gets through.

> What you would really want here is a greylist that
> upgrades stuff that claims to be from list members back up to the
> "looks bogus, but ask a human" catagory.

> This is doable with sufficient procmail hackery, but it's more work.

Another option is to assign the whitelist in spamassasin a weight of something
other than -100. I suspect this is a single line configuration change.

				Ned