You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 25 Next »

Whitelisting a user

Adding a user to your whitelist gives them a -100 score, which has the effect of always marking their mail as non-spam.

To manually whitelist a particular address, say d.cary@sparkingwire.com, edit your local user prefs file ~/.spamassassin/user_prefs (or global /etc/mail/spamassassin/local.cf):

# whitelist David Cary:
whitelist_from  d.cary@sparkingwire.com

Whitelist and blacklist addresses are file-glob-style patterns, so
friend@somewhere.com, *@isp.com, or *.domain.net will all work.

# whitelist everyone at sparkingwire.com:
whitelist_from  *@sparkingwire.com

To manually blacklist, use blacklist_from to add an address to your blacklist.

If the sender is at all well known (such as a mailing list), you should use whitelist_from_rcvd instead so that a spammer can't forge their mail to look like it's from the whitelisted address. More info on whitelist_from, whitelist_from_rcvd, and blacklist_from is on the web or can be accessed from your local man pages by typing perldoc Mail::SpamAssassin::Conf.

Some good, free web-based tools are available to put a friendly user interface on whitelists (and blacklists) and allow users to edit their own. See WebUserInterfaces.

What is AutoWhitelist?

Another feature of spamassassin is "auto-whitelist". But the name is a misnomer. The AutoWhitelist is designed as an automatic score averaging system, and is just as likely to penalize or blacklist an address as it is to benefit or whitelist it. If you want to whitelist, you should use the directions above.

Automatically whitelisting people you've emailed

To extract a unique list of e-mail addresses from your 'Sent' folder (in mbox format), you could use something like this:

In your ~/.spamassassin/user_prefs file, put this in:

include sent_whitelist

The following script creates the sent_whitelist file with 100 addresses per line:

SADIR=~/.spamassassin
SENTMAIL=~/mail/Sent

cat $SENTMAIL |
        grep -Ei '^(To|cc|bcc):' |
	grep -oEi '[a-z0-9_.=/-]+@([a-z0-9-]+\.)+[a-z]{2,}' |
	tr "A-Z" "a-z" |
	sort -u |
        xargs -n 100 echo "whitelist_from" > $SADIR/sent_whitelist

This can be adapted as necessary, and executed as a cron job.

The script is simple and fast, but not very accurate. It extracts strings looking like e-mail addresses from the lines starting with To: CC: and BCC. However it does not take into account the continuation lines (addresses on continuation lines are not added to the white list), but extracts addresses from message body (if a line in the body starts with To:/CC:/BCC:, which often happens when formwarding e-mails).

To make the script more accurate but much more slow replace the line "grep -Ei '^(To|cc|bcc):'|" with a call to formail (part of procmail package):

	formail -s formail -czx 'To:' -x 'CC:' -x 'BCC:' |

Formail extracts lines only from RFC-822 header and concatenates continued fields providing an accurate list of all addresses.

Building an auto-whitelist from LDAP

If you run an LDAP-based addressbook, you can use the following simple cron job to build a whitelist nightly:

# Create a SpamAssassin whitelist
0 * * * *       /usr/pkg/bin/ldapsearch -LLL -b dc=domain,dc=net,dc=au mail | awk '/^mail:/ {print "whitelist_from " $2}' > $HOME/.spamassassin/whitelist_from_ldap.cf

In your ~/.spamassassin/user_prefs file, put this in:

# Whitelist and blacklist addresses are now file-glob-style patterns, so
# "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work.
# whitelist_from        someone@somewhere.com
whitelist_from  *@blah.com
include whitelist_from_ldap.cf

Contributors

  • No labels