Mailing List Archive

svn commit: r1891820 - in /spamassassin/trunk: lib/Mail/SpamAssassin/Conf.pm lib/Mail/SpamAssassin/Plugin/DKIM.pm rules/50_scores.cf rules/60_whitelist.cf rules/60_whitelist_dkim.cf
Author: gbechis
Date: Tue Jul 27 07:05:54 2021
New Revision: 1891820

URL: http://svn.apache.org/viewvc?rev=1891820&view=rev
Log:
Add [welcome,block]list_from_dkim and [welcome,block]list_from_uri_host

Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm
spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/DKIM.pm
spamassassin/trunk/rules/50_scores.cf
spamassassin/trunk/rules/60_whitelist.cf
spamassassin/trunk/rules/60_whitelist_dkim.cf

Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm?rev=1891820&r1=1891819&r2=1891820&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Conf.pm Tue Jul 27 07:05:54 2021
@@ -639,7 +639,7 @@ C<Mail::SpamAssassin::Plugin::DKIM>). N
and working, for this to operate.

Using C<welcomelist_auth> is roughly equivalent to specifying duplicate
-C<whitelist_from_spf>, C<whitelist_from_dk>, and C<whitelist_from_dkim> lines
+C<whitelist_from_spf>, C<whitelist_from_dk>, and C<welcomelist_from_dkim> lines
for each of the addresses specified.

e.g.
@@ -731,7 +731,7 @@ Use the delist_uri_host directive to neu
settings.

Enlisting to lists named 'BLACK' and 'WHITE' have their shorthand directives
-blacklist_uri_host and whitelist_uri_host and corresponding default rules,
+blocklist_uri_host and welcomelist_uri_host and corresponding default rules,
but the names 'BLACK' and 'WHITE' are otherwise not special or reserved.

=cut
@@ -847,7 +847,9 @@ e.g.
}
});

-=item blacklist_uri_host host-or-domain ...
+=item blocklist_uri_host host-or-domain ...
+
+Previously blacklist_uri_host which will work interchangeably until 4.1.

Is a shorthand for a directive: enlist_uri_host (BLACK) host ...

@@ -856,7 +858,8 @@ Please see directives enlist_uri_host an
=cut

push (@cmds, {
- command => 'blacklist_uri_host',
+ command => 'blocklist_uri_host',
+ aliases => ['blacklist_uri_host'],
setting => 'uri_host_lists',
type => $CONF_TYPE_HASH_KEY_VALUE,
code => sub {
@@ -868,7 +871,9 @@ Please see directives enlist_uri_host an
}
});

-=item whitelist_uri_host host-or-domain ...
+=item welcomelist_uri_host host-or-domain ...
+
+Previously whitelist_uri_host which will work interchangeably until 4.1.

Is a shorthand for a directive: enlist_uri_host (BLACK) host ...

@@ -877,7 +882,8 @@ Please see directives enlist_uri_host an
=cut

push (@cmds, {
- command => 'whitelist_uri_host',
+ command => 'welcomelist_uri_host',
+ aliases => ['whitelist_uri_host'],
setting => 'uri_host_lists',
type => $CONF_TYPE_HASH_KEY_VALUE,
code => sub {

Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/DKIM.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/DKIM.pm?rev=1891820&r1=1891819&r2=1891820&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/DKIM.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Plugin/DKIM.pm Tue Jul 27 07:05:54 2021
@@ -156,9 +156,11 @@ sub new {
$self->register_eval_rule("check_dkim_adsp", $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS);
$self->register_eval_rule("check_dkim_dependable", $Mail::SpamAssassin::Conf::TYPE_FULL_EVALS);

- # whitelisting
- $self->register_eval_rule("check_for_dkim_whitelist_from", $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS);
- $self->register_eval_rule("check_for_def_dkim_whitelist_from", $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS);
+ # welcomelisting
+ $self->register_eval_rule("check_for_dkim_welcomelist_from", $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS);
+ $self->register_eval_rule("check_for_dkim_whitelist_from", $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS); #Stub - Remove in SA 4.1
+ $self->register_eval_rule("check_for_def_dkim_welcomelist_from", $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS);
+ $self->register_eval_rule("check_for_def_dkim_whitelist_from", $Mail::SpamAssassin::Conf::TYPE_HEAD_EVALS); #Stub - Remove in SA 4.1

# old names (aliases) for compatibility
$self->register_eval_rule("check_dkim_verified"); # = check_dkim_valid
@@ -180,15 +182,17 @@ sub set_config {

=over 4

-=item whitelist_from_dkim author@example.com [signing-domain]
+=item welcomelist_from_dkim author@example.com [signing-domain]
+
+Previously whitelist_from_dkim which will work interchangeably until 4.1.

Works similarly to welcomelist_from (previously whitelist_from), except that in addition to matching
an author address (From) to the pattern in the first parameter, the message
must also carry a valid Domain Keys Identified Mail (DKIM) signature made by
a signing domain (SDID, i.e. the d= tag) that is acceptable to us.

-Only one whitelist entry is allowed per line, as in C<welcomelist_from_rcvd>.
-Multiple C<whitelist_from_dkim> lines are allowed. File-glob style characters
+Only one welcomelist entry is allowed per line, as in C<welcomelist_from_rcvd>.
+Multiple C<welcomelist_from_dkim> lines are allowed. File-glob style characters
are allowed for the From address (the first parameter), just like with
C<welcomelist_from_rcvd>.

@@ -202,39 +206,43 @@ will be an Author Domain Signature (some
which is a signature where the signing domain (SDID) of a signature matches
the domain of the author's address (i.e. the address in a From header field).

-Since this whitelist requires a DKIM check to be made, network tests must
+Since this welcomelist requires a DKIM check to be made, network tests must
be enabled.

-Examples of whitelisting based on an author domain signature (first-party):
+Examples of welcomelisting based on an author domain signature (first-party):
+
+ welcomelist_from_dkim joe@example.com
+ welcomelist_from_dkim *@corp.example.com
+ welcomelist_from_dkim *@*.example.com

- whitelist_from_dkim joe@example.com
- whitelist_from_dkim *@corp.example.com
- whitelist_from_dkim *@*.example.com
+Examples of welcomelisting based on third-party signatures:

-Examples of whitelisting based on third-party signatures:
+ welcomelist_from_dkim jane@example.net example.org
+ welcomelist_from_dkim rick@info.example.net example.net
+ welcomelist_from_dkim *@info.example.net example.net
+ welcomelist_from_dkim *@* mail7.remailer.example.com
+ welcomelist_from_dkim *@* *.remailer.example.com

- whitelist_from_dkim jane@example.net example.org
- whitelist_from_dkim rick@info.example.net example.net
- whitelist_from_dkim *@info.example.net example.net
- whitelist_from_dkim *@* mail7.remailer.example.com
- whitelist_from_dkim *@* *.remailer.example.com
+=item def_welcomelist_from_dkim author@example.com [signing-domain]

-=item def_whitelist_from_dkim author@example.com [signing-domain]
+Previously def_whitelist_from_dkim which will work interchangeably until 4.1.

-Same as C<whitelist_from_dkim>, but used for the default whitelist entries
-in the SpamAssassin distribution. The whitelist score is lower, because
+Same as C<welcomelist_from_dkim>, but used for the default welcomelist entries
+in the SpamAssassin distribution. The welcomelist score is lower, because
these are often targets for abuse of public mailers which sign their mail.

-=item unwhitelist_from_dkim author@example.com [signing-domain]
+=item unwelcomelist_from_dkim author@example.com [signing-domain]
+
+Previously unwhitelist_from_dkim which will work interchangeably until 4.1.

Removes an email address with its corresponding signing-domain field
-from def_whitelist_from_dkim and whitelist_from_dkim tables, if it exists.
-Parameters to unwhitelist_from_dkim must exactly match the parameters of
-a corresponding whitelist_from_dkim or def_whitelist_from_dkim config
+from def_welcomelist_from_dkim and welcomelist_from_dkim tables, if it exists.
+Parameters to unwelcomelist_from_dkim must exactly match the parameters of
+a corresponding welcomelist_from_dkim or def_welcomelist_from_dkim config
option which created the entry, for it to be removed (a domain name is
matched case-insensitively); i.e. if a signing-domain parameter was
-specified in a whitelisting command, it must also be specified in the
-unwhitelisting command.
+specified in a welcomelisting command, it must also be specified in the
+unwelcomelisting command.

Useful for removing undesired default entries from a distributed configuration
by a local or site-specific configuration or by C<user_prefs>.
@@ -376,7 +384,7 @@ Example:
=item dkim_minimum_key_bits n (default: 1024)

The smallest size of a signing key (in bits) for a valid signature to be
-considered for whitelisting. Additionally, the eval function check_dkim_valid()
+considered for welcomelisting. Additionally, the eval function check_dkim_valid()
will return false on short keys when called with explicitly listed domains,
and the eval function check_dkim_valid_author_sig() will return false on short
keys (regardless of its arguments). Setting the option to 0 disables a key
@@ -394,7 +402,8 @@ is only informational.
=cut

push (@cmds, {
- setting => 'whitelist_from_dkim',
+ setting => 'welcomelist_from_dkim',
+ alias => ['whitelist_from_dkim'],
type => $Mail::SpamAssassin::Conf::CONF_TYPE_ADDRLIST,
code => sub {
my ($self, $key, $value, $line) = @_;
@@ -408,13 +417,15 @@ is only informational.
my $address = $1;
my $sdid = defined $2 ? $2 : ''; # empty implies author domain signature
$address =~ s/(\@[^@]*)\z/lc($1)/e; # lowercase the email address domain
- $self->{parser}->add_to_addrlist_dkim('whitelist_from_dkim',
+ #Previously the first parameter was whitelist_from_dkim
+ $self->{parser}->add_to_addrlist_dkim('welcomelist_from_dkim',
$address, lc $sdid);
}
});

push (@cmds, {
- setting => 'def_whitelist_from_dkim',
+ setting => 'def_welcomelist_from_dkim',
+ alias => ['def_whitelist_from_dkim'],
type => $Mail::SpamAssassin::Conf::CONF_TYPE_ADDRLIST,
code => sub {
my ($self, $key, $value, $line) = @_;
@@ -428,13 +439,14 @@ is only informational.
my $address = $1;
my $sdid = defined $2 ? $2 : ''; # empty implies author domain signature
$address =~ s/(\@[^@]*)\z/lc($1)/e; # lowercase the email address domain
- $self->{parser}->add_to_addrlist_dkim('def_whitelist_from_dkim',
+ $self->{parser}->add_to_addrlist_dkim('def_welcomelist_from_dkim',
$address, lc $sdid);
}
});

push (@cmds, {
- setting => 'unwhitelist_from_dkim',
+ setting => 'unwelcomelist_from_dkim',
+ alias => ['unwhitelist_from_dkim'],
type => $Mail::SpamAssassin::Conf::CONF_TYPE_ADDRLIST,
code => sub {
my ($self, $key, $value, $line) = @_;
@@ -448,9 +460,10 @@ is only informational.
my $address = $1;
my $sdid = defined $2 ? $2 : ''; # empty implies author domain signature
$address =~ s/(\@[^@]*)\z/lc($1)/e; # lowercase the email address domain
- $self->{parser}->remove_from_addrlist_dkim('whitelist_from_dkim',
+ #Previously the first parameter was whitelist_from_dkim
+ $self->{parser}->remove_from_addrlist_dkim('welcomelist_from_dkim',
$address, lc $sdid);
- $self->{parser}->remove_from_addrlist_dkim('def_whitelist_from_dkim',
+ $self->{parser}->remove_from_addrlist_dkim('def_welcomelist_from_dkim',
$address, lc $sdid);
}
});
@@ -481,7 +494,7 @@ is only informational.
}
});

- # minimal signing key size in bits that is acceptable for whitelisting
+ # minimal signing key size in bits that is acceptable for welcomelisting
push (@cmds, {
setting => 'dkim_minimum_key_bits',
default => 1024,
@@ -648,20 +661,35 @@ sub check_dkim_testing {
return $result;
}

-sub check_for_dkim_whitelist_from {
+sub check_for_dkim_welcomelist_from {
my ($self, $pms) = @_;
- $self->_check_dkim_whitelist($pms) if !$pms->{whitelist_checked};
- return $pms->{dkim_match_in_whitelist_from_dkim} ||
- $pms->{dkim_match_in_whitelist_auth};
+ $self->_check_dkim_welcomelist($pms) if !$pms->{welcomelist_checked};
+ #Was originally dkim_match_in_whitelist_from_dkim and dkim_match_in_whitelist_auth respectively
+ return $pms->{dkim_match_in_welcomelist_from_dkim} ||
+ $pms->{dkim_match_in_welcomelist_auth};
}

-sub check_for_def_dkim_whitelist_from {
+#Stub for backwards compatibility - Remove in SA 4.1
+sub check_for_dkim_whitelist_from {
+
+ return check_for_dkim_welcomelist_from(@_);
+
+}
+
+sub check_for_def_dkim_welcomelist_from {
my ($self, $pms) = @_;
- $self->_check_dkim_whitelist($pms) if !$pms->{whitelist_checked};
- return $pms->{dkim_match_in_def_whitelist_from_dkim} ||
+ $self->_check_dkim_welcomelist($pms) if !$pms->{welcomelist_checked};
+ return $pms->{dkim_match_in_def_welcomelist_from_dkim} ||
$pms->{dkim_match_in_def_welcomelist_auth};
}

+#Stub for backwards compatibility - Remove in SA 4.1
+sub check_for_def_dkim_whitelist_from {
+
+ return check_for_def_dkim_welcomelist_from(@_);
+
+}
+
# ---------------------------------------------------------------------------

sub _dkim_load_modules {
@@ -1144,27 +1172,28 @@ sub _check_dkim_adsp {
}
}

-sub _check_dkim_whitelist {
+sub _check_dkim_welcomelist {
my ($self, $pms) = @_;

- $pms->{whitelist_checked} = 1;
+ #Was originally whitelist_checked, changed due to bz7826
+ $pms->{welcomelist_checked} = 1;

$self->_get_authors($pms) if !$pms->{dkim_author_addresses};

my $authors_str = join(", ", @{$pms->{dkim_author_addresses}});
if ($authors_str eq '') {
- dbg("dkim: check_dkim_whitelist: could not find author address");
+ dbg("dkim: check_dkim_weclomelist: could not find author address");
return;
}

- # collect whitelist entries matching the author from all lists
+ # collect welcomelist entries matching the author from all lists
my @acceptable_sdid_tuples;
$self->_wlcheck_acceptable_signature($pms, \@acceptable_sdid_tuples,
- 'def_whitelist_from_dkim');
+ 'def_welcomelist_from_dkim');
$self->_wlcheck_author_signature($pms, \@acceptable_sdid_tuples,
'def_welcomelist_auth');
$self->_wlcheck_acceptable_signature($pms, \@acceptable_sdid_tuples,
- 'whitelist_from_dkim');
+ 'welcomelist_from_dkim');
$self->_wlcheck_author_signature($pms, \@acceptable_sdid_tuples,
'welcomelist_auth');
if (!@acceptable_sdid_tuples) {
@@ -1173,7 +1202,7 @@ sub _check_dkim_whitelist {
return;
}

- # if the message doesn't pass DKIM validation, it can't pass DKIM whitelist
+ # if the message doesn't pass DKIM validation, it can't pass DKIM welcomelist

# trigger a DKIM check;
# continue if one or more signatures are valid or we want the debug info
@@ -1204,20 +1233,20 @@ sub _check_dkim_whitelist {
}

# check for verifier-acceptable signatures; an empty (or undefined) signing
-# domain in a whitelist implies checking for an Author Domain Signature
+# domain in a welcomelist implies checking for an Author Domain Signature
#
sub _wlcheck_acceptable_signature {
my ($self, $pms, $acceptable_sdid_tuples_ref, $wl) = @_;
my $wl_ref = $pms->{conf}->{$wl};
foreach my $author (@{$pms->{dkim_author_addresses}}) {
my $author_lc = lc($author);
- foreach my $white_addr (keys %$wl_ref) {
- my $wl_addr_ref = $wl_ref->{$white_addr};
- # dbg("dkim: WL %s %s, d: %s", $wl, $white_addr,
+ foreach my $welcome_addr (keys %$wl_ref) {
+ my $wl_addr_ref = $wl_ref->{$welcome_addr};
+ # dbg("dkim: WL %s %s, d: %s", $wl, $welcome_addr,
# join(", ", map { $_ eq '' ? "''" : $_ } @{$wl_addr_ref->{domain}}));
if ($author_lc =~ /$wl_addr_ref->{re}/) {
foreach my $sdid (@{$wl_addr_ref->{domain}}) {
- push(@$acceptable_sdid_tuples_ref, [$author,$sdid,$wl,$white_addr]);
+ push(@$acceptable_sdid_tuples_ref, [$author,$sdid,$wl,$welcome_addr]);
}
}
}
@@ -1233,10 +1262,10 @@ sub _wlcheck_author_signature {
my $wl_ref = $pms->{conf}->{$wl};
foreach my $author (@{$pms->{dkim_author_addresses}}) {
my $author_lc = lc($author);
- foreach my $white_addr (keys %$wl_ref) {
- # dbg("dkim: WL %s %s", $wl, $white_addr);
- if ($author_lc =~ /$wl_ref->{$white_addr}/) {
- push(@$acceptable_sdid_tuples_ref, [$author,undef,$wl,$white_addr]);
+ foreach my $welcome_addr (keys %$wl_ref) {
+ # dbg("dkim: WL %s %s", $wl, $welcome_addr);
+ if ($author_lc =~ /$wl_ref->{$welcome_addr}/) {
+ push(@$acceptable_sdid_tuples_ref, [$author,undef,$wl,$welcome_addr]);
}
}
}
@@ -1277,8 +1306,8 @@ sub _wlcheck_list {

my %tried_authors;
foreach my $entry (@$acceptable_sdid_tuples_ref) {
- my($author, $acceptable_sdid, $wl, $white_addr) = @$entry;
- # $white_addr and $wl are here for logging purposes only, already checked.
+ my($author, $acceptable_sdid, $wl, $welcome_addr) = @$entry;
+ # $welcome_addr and $wl are here for logging purposes only, already checked.
# The $acceptable_sdid is a verifier-acceptable signing domain
# identifier (to be matched against a 'd' tag in signatures).
# When $acceptable_sdid is undef or an empty string it implies
@@ -1303,7 +1332,7 @@ sub _wlcheck_list {
$matches = 1 if $sdid eq $author_domain;

} else { # checking for verifier-acceptable signature
- # The second argument to a 'whitelist_from_dkim' option is now (since
+ # The second argument to a 'welcomelist_from_dkim' option is now (since
# version 3.3.0) supposed to be a signing domain (SDID), no longer an
# identity (AUID). Nevertheless, be prepared to accept the full e-mail
# address there for compatibility, and just ignore its local-part.
@@ -1319,17 +1348,17 @@ sub _wlcheck_list {
if (would_log("dbg","dkim")) {
if ($sdid eq $author_domain) {
dbg("dkim: %s author domain signature by %s, MATCHES %s %s",
- $info, $sdid, $wl, $white_addr);
+ $info, $sdid, $wl, $welcome_addr);
} else {
dbg("dkim: %s third-party signature by %s, author domain %s, ".
- "MATCHES %s %s", $info, $sdid, $author_domain, $wl, $white_addr);
+ "MATCHES %s %s", $info, $sdid, $author_domain, $wl, $welcome_addr);
}
}
# a defined value indicates at least a match, not necessarily valid
# (this complication servers to preserve logging compatibility)
$any_match_by_wl{$wl} = '' if !exists $any_match_by_wl{$wl};
}
- # only valid signature can cause whitelisting
+ # only valid signature can cause welcomelisting
$matches = 0 if !$valid || $expired || $key_size_weak;

if ($matches) {

Modified: spamassassin/trunk/rules/50_scores.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rules/50_scores.cf?rev=1891820&r1=1891819&r2=1891820&view=diff
==============================================================================
--- spamassassin/trunk/rules/50_scores.cf (original)
+++ spamassassin/trunk/rules/50_scores.cf Tue Jul 27 07:05:54 2021
@@ -708,8 +708,8 @@ ifplugin Mail::SpamAssassin::Plugin::WLB
#score USER_IN_WHITELIST -100.000 - Moved to 60_whitelist.cf
#score USER_IN_DEF_WHITELIST -15.000 - Moved to 60_whitelist.cf
#score USER_IN_BLACKLIST_TO 10.000 - Moved to 60_whitelist.cf
-score URI_HOST_IN_BLACKLIST 100.0
-score URI_HOST_IN_WHITELIST -100.0
+#score URI_HOST_IN_BLACKLIST 100.0 - Moved to 60_whitelist.cf
+#score URI_HOST_IN_WHITELIST -100.0 - Moved to 60_whitelist.cf
#Removed in bug 7256
#score HEADER_HOST_IN_BLACKLIST 100.0
#score HEADER_HOST_IN_WHITELIST -100.0
@@ -733,7 +733,7 @@ endif # Mail::SpamAssassin::Plugin::SPF

# DKIM
ifplugin Mail::SpamAssassin::Plugin::DKIM
-score USER_IN_DKIM_WHITELIST -100.000
+#score USER_IN_DKIM_WHITELIST -100.000 - Moved to 60_whitelist_dkim.cf
score USER_IN_DEF_DKIM_WL -7.500
score DKIM_SIGNED 0.1
score DKIM_VALID -0.1

Modified: spamassassin/trunk/rules/60_whitelist.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rules/60_whitelist.cf?rev=1891820&r1=1891819&r2=1891820&view=diff
==============================================================================
--- spamassassin/trunk/rules/60_whitelist.cf (original)
+++ spamassassin/trunk/rules/60_whitelist.cf Tue Jul 27 07:05:54 2021
@@ -32,9 +32,9 @@
if can(Mail::SpamAssassin::Conf::feature_blocklist_welcomelist)
ifplugin Mail::SpamAssassin::Plugin::WLBLEval

- #bz7826 renames blacklist to blocklist
+ #bz7826 renames whitelist to welcomelist and blacklist to blocklist
header USER_IN_BLOCKLIST eval:check_from_in_blocklist()
- describe USER_IN_BLOCKLIST From: address is in the user's block-list
+ describe USER_IN_BLOCKLIST From: user is listed in the block-list
tflags USER_IN_BLOCKLIST userconf nice noautolearn
score USER_IN_BLOCKLIST 100.0

@@ -49,7 +49,7 @@ if can(Mail::SpamAssassin::Conf::feature
else
ifplugin Mail::SpamAssassin::Plugin::WLBLEval
header USER_IN_BLOCKLIST eval:check_from_in_blacklist()
- describe USER_IN_BLOCKLIST From: address is in the user's block-list
+ describe USER_IN_BLOCKLIST From: user is listed in the block-list
tflags USER_IN_BLOCKLIST userconf nice noautolearn
score USER_IN_BLOCKLIST 0.01

@@ -62,9 +62,9 @@ endif

if can(Mail::SpamAssassin::Conf::feature_blocklist_welcomelist)
ifplugin Mail::SpamAssassin::Plugin::WLBLEval
- #bz7826 renames whitelist to welcomelist
+ #bz7826 renames whitelist to welcomelist and blacklist to blocklist
header USER_IN_WELCOMELIST eval:check_from_in_welcomelist()
- describe USER_IN_WELCOMELIST user is listed in 'welcomelist_from'
+ describe USER_IN_WELCOMELIST User is listed in 'welcomelist_from'
tflags USER_IN_WELCOMELIST userconf nice noautolearn
score USER_IN_WELCOMELIST -100.0

@@ -79,7 +79,7 @@ if can(Mail::SpamAssassin::Conf::feature
else
ifplugin Mail::SpamAssassin::Plugin::WLBLEval
header USER_IN_WELCOMELIST eval:check_from_in_whitelist()
- describe USER_IN_WELCOMELIST user is listed in 'welcomelist_from'
+ describe USER_IN_WELCOMELIST User is listed in 'welcomelist_from'
tflags USER_IN_WELCOMELIST userconf nice noautolearn
score USER_IN_WELCOMELIST -0.01

@@ -92,9 +92,9 @@ endif

if can(Mail::SpamAssassin::Conf::feature_blocklist_welcomelist)
ifplugin Mail::SpamAssassin::Plugin::WLBLEval
- #bz7826 renames whitelist to welcomelist
+ #bz7826 renames whitelist to welcomelist and blacklist to blocklist
header USER_IN_DEF_WELCOMELIST eval:check_from_in_default_welcomelist()
- describe USER_IN_DEF_WELCOMELIST From: address is in the default welcome-list
+ describe USER_IN_DEF_WELCOMELIST From: user is listed in the default welcome-list
tflags USER_IN_DEF_WELCOMELIST userconf nice noautolearn
score USER_IN_DEF_WELCOMELIST -15.0

@@ -109,7 +109,7 @@ if can(Mail::SpamAssassin::Conf::feature
else
ifplugin Mail::SpamAssassin::Plugin::WLBLEval
header USER_IN_DEF_WELCOMELIST eval:check_from_in_default_whitelist()
- describe USER_IN_DEF_WELCOMELIST From: address is in the default welcome-list
+ describe USER_IN_DEF_WELCOMELIST From: user is listed in the default welcome-list
tflags USER_IN_DEF_WELCOMELIST userconf nice noautolearn
score USER_IN_DEF_WELCOMELIST -0.01

@@ -122,7 +122,7 @@ endif

if can(Mail::SpamAssassin::Conf::feature_blocklist_welcomelist)
ifplugin Mail::SpamAssassin::Plugin::WLBLEval
- #bz7826 renames blacklist to blocklist
+ #bz7826 renames whitelist to welcomelist and blacklist to blocklist
header USER_IN_BLOCKLIST_TO eval:check_to_in_blocklist()
describe USER_IN_BLOCKLIST_TO User is listed in 'blocklist_to'
tflags USER_IN_BLOCKLIST_TO userconf nice noautolearn
@@ -152,7 +152,7 @@ endif

if can(Mail::SpamAssassin::Conf::feature_blocklist_welcomelist)
ifplugin Mail::SpamAssassin::Plugin::WLBLEval
- #bz7826 renames whitelist to welcomelist
+ #bz7826 renames whitelist to welcomelist and blacklist to blocklist
header USER_IN_WELCOMELIST_TO eval:check_to_in_welcomelist()
describe USER_IN_WELCOMELIST_TO User is listed in 'welcomelist_to'
tflags USER_IN_WELCOMELIST_TO userconf nice noautolearn
@@ -191,26 +191,76 @@ ifplugin Mail::SpamAssassin::Plugin::WLB
endif

if (version >= 3.004000)
- ifplugin Mail::SpamAssassin::Plugin::WLBLEval
- body URI_HOST_IN_BLACKLIST eval:check_uri_host_in_blacklist()
- describe URI_HOST_IN_BLACKLIST Host or Domain is listed in the user's URI black-list
- tflags URI_HOST_IN_BLACKLIST userconf noautolearn
-
- body URI_HOST_IN_WHITELIST eval:check_uri_host_in_whitelist()
- describe URI_HOST_IN_WHITELIST Host or Domain is listed in the user's URI white-list
- tflags URI_HOST_IN_WHITELIST userconf nice noautolearn
-
- # Bug 7256, using a header rule with an eval() function does not work the way
- # this was intended.
-
- # header HEADER_HOST_IN_BLACKLIST eval:check_uri_host_listed('BLACK')
- # describe HEADER_HOST_IN_BLACKLIST Host or Domain in header is listed in the user's URI black-list
- # tflags HEADER_HOST_IN_BLACKLIST userconf noautolearn
-
- # header HEADER_HOST_IN_WHITELIST eval:check_uri_host_listed('WHITE')
- # describe HEADER_HOST_IN_WHITELIST Host or Domain in header is listed in the user's URI white-list
- # tflags HEADER_HOST_IN_WHITELIST userconf nice noautolearn
+ if can(Mail::SpamAssassin::Conf::feature_blocklist_welcomelist)
+ ifplugin Mail::SpamAssassin::Plugin::WLBLEval
+ #bz7826 renames whitelist to welcomelist and blacklist to blocklist
+ body URI_HOST_IN_BLOCKLIST eval:check_uri_host_in_blocklist()
+ describe URI_HOST_IN_BLOCKLIST Host or Domain is listed in the user's URI block-list
+ tflags URI_HOST_IN_BLOCKLIST userconf noautolearn
+ score URI_HOST_IN_BLOCKLIST 100.0
+
+ ifplugin Mail::SpamAssassin::Plugin::RaciallyCharged
+ meta URI_HOST_IN_BLACKLIST (URI_HOST_IN_BLOCKLIST)
+ describe URI_HOST_IN_BLACKLIST DEPRECATED: See URI_HOST_IN_BLOCKLIST
+ tflags URI_HOST_IN_BLACKLIST userconf noautolearn
+ score URI_HOST_IN_BLOCKLIST -0.01
+ score URI_HOST_IN_BLACKLIST 100.0
+ endif
+ endif
+ else
+ ifplugin Mail::SpamAssassin::Plugin::WLBLEval
+ body URI_HOST_IN_BLOCKLIST eval:check_uri_host_in_blacklist()
+ describe URI_HOST_IN_BLOCKLIST Host or Domain is listed in the user's URI block-list
+ tflags URI_HOST_IN_BLOCKLIST userconf noautolearn
+ score URI_HOST_IN_BLOCKLIST -0.01
+
+ meta URI_HOST_IN_BLACKLIST (URI_HOST_IN_BLOCKLIST)
+ describe URI_HOST_IN_BLACKLIST DEPRECATED: See URI_HOST_IN_BLOCKLIST
+ tflags URI_HOST_IN_BLACKLIST userconf noautolearn
+ score URI_HOST_IN_BLACKLIST 100.0
+ endif
+ endif
+
+ if can(Mail::SpamAssassin::Conf::feature_blocklist_welcomelist)
+ ifplugin Mail::SpamAssassin::Plugin::WLBLEval
+ #bz7826 renames whitelist to welcomelist and blacklist to blocklist
+ body URI_HOST_IN_WELCOMELIST eval:check_uri_host_in_welcomelist()
+ describe URI_HOST_IN_WELCOMELIST Host or Domain is listed in the user's URI welcome-list
+ tflags URI_HOST_IN_WELCOMELIST userconf nice noautolearn
+ score URI_HOST_IN_WELCOMELIST -100.0
+
+ ifplugin Mail::SpamAssassin::Plugin::RaciallyCharged
+ meta URI_HOST_IN_WHITELIST (URI_HOST_IN_WELCOMELIST)
+ describe URI_HOST_IN_WHITELIST DEPRECATED: See URI_HOST_IN_WELCOMELIST
+ tflags URI_HOST_IN_WHITELIST userconf nice noautolearn
+ score URI_HOST_IN_WELCOMELIST -0.01
+ score URI_HOST_IN_WHITELIST -100.0
+ endif
+ endif
+ else
+ ifplugin Mail::SpamAssassin::Plugin::WLBLEval
+ body URI_HOST_IN_WELCOMELIST eval:check_uri_host_in_whitelist()
+ describe URI_HOST_IN_WELCOMELIST Host or Domain is listed in the user's URI welcome-list
+ tflags URI_HOST_IN_WELCOMELIST userconf nice noautolearn
+ score URI_HOST_IN_WELCOMELIST -0.01
+
+ meta URI_HOST_IN_WHITELIST (URI_HOST_IN_WELCOMELIST)
+ describe URI_HOST_IN_WHITELIST DEPRECATED: See URI_HOST_IN_WELCOMELIST
+ tflags URI_HOST_IN_WHITELIST userconf nice noautolearn
+ score URI_HOST_IN_WHITELIST -100.0
+ endif
endif
+
+ # Bug 7256, using a header rule with an eval() function does not work the way
+ # this was intended.
+
+ # header HEADER_HOST_IN_BLACKLIST eval:check_uri_host_listed('BLACK')
+ # describe HEADER_HOST_IN_BLACKLIST Host or Domain in header is listed in the user's URI black-list
+ # tflags HEADER_HOST_IN_BLACKLIST userconf noautolearn
+
+ # header HEADER_HOST_IN_WHITELIST eval:check_uri_host_listed('WHITE')
+ # describe HEADER_HOST_IN_WHITELIST Host or Domain in header is listed in the user's URI white-list
+ # tflags HEADER_HOST_IN_WHITELIST userconf nice noautolearn
endif

###########################################################################

Modified: spamassassin/trunk/rules/60_whitelist_dkim.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rules/60_whitelist_dkim.cf?rev=1891820&r1=1891819&r2=1891820&view=diff
==============================================================================
--- spamassassin/trunk/rules/60_whitelist_dkim.cf (original)
+++ spamassassin/trunk/rules/60_whitelist_dkim.cf Tue Jul 27 07:05:54 2021
@@ -24,22 +24,65 @@
###########################################################################
# DKIM whitelist rules

+#For those wondering why there's not just an ifplugin in front of all of this, there's a big involving it
+#in nested if statements
+if can(Mail::SpamAssassin::Conf::feature_blocklist_welcomelist)
+ ifplugin Mail::SpamAssassin::Plugin::DKIM
+ #bz7826 renames whitelist to welcomelist and blacklist to blocklist
+ header USER_IN_DKIM_WELCOMELIST eval:check_for_dkim_welcomelist_from()
+ describe USER_IN_DKIM_WELCOMELIST From: address is in the user's DKIM welcomelist
+ tflags USER_IN_DKIM_WELCOMELIST nice noautolearn net userconf
+ score USER_IN_DKIM_WELCOMELIST -100.000
+
+ ifplugin Mail::SpamAssassin::Plugin::RaciallyCharged
+ meta USER_IN_DKIM_WHITELIST (USER_IN_DKIM_WELCOMELIST)
+ describe USER_IN_DKIM_WHITELIST DEPRECATED: See USER_IN_DKIM_WELCOMELIST
+ tflags USER_IN_DKIM_WHITELIST nice noautolearn net userconf
+ score USER_IN_DKIM_WELCOMELIST -0.01
+ score USER_IN_DKIM_WHITELIST -100.000
+ endif
+ endif
+
+ #might be a way to only have one instance of the below block, unsure if it's even necessary
+ reuse USER_IN_DKIM_WHITELSIT
+ reuse USER_IN_DKIM_WELCOMELIST
+
+else
+ ifplugin Mail::SpamAssassin::Plugin::DKIM
+ header USER_IN_DKIM_WELCOMELIST eval:check_for_dkim_whitelist_from()
+ describe USER_IN_DKIM_WELCOMELIST From: address is in the user's DKIM welcomelist
+ tflags USER_IN_DKIM_WELCOMELIST nice noautolearn net userconf
+ score USER_IN_DKIM_WELCOMELIST -0.01
+
+ meta USER_IN_DKIM_WHITELIST (USER_IN_DKIM_WELCOMELIST)
+ describe USER_IN_DKIM_WHITELIST DEPRECATED: See USER_IN_DKIM_WELCOMELIST
+ tflags USER_IN_DKIM_WHITELIST nice noautolearn net userconf
+ score USER_IN_DKIM_WHITELIST -100.000
+ endif
+
+ reuse USER_IN_DKIM_WHITELSIT
+ reuse USER_IN_DKIM_WELCOMELIST
+
+endif
+
+# The order here may or may not be correct and should be checked
+if (version >= 3.003000)
+
ifplugin Mail::SpamAssassin::Plugin::DKIM

-header USER_IN_DKIM_WHITELIST eval:check_for_dkim_whitelist_from()
-describe USER_IN_DKIM_WHITELIST From: address is in the user's DKIM whitelist
-tflags USER_IN_DKIM_WHITELIST nice noautolearn net userconf
-reuse USER_IN_DKIM_WHITELIST
+if can(Mail::SpamAssassin::Conf::feature_blocklist_welcomelist)

-header USER_IN_DEF_DKIM_WL eval:check_for_def_dkim_whitelist_from()
-describe USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list
+# The backwards compatibility for this rule will be after the else statement below
+header USER_IN_DEF_DKIM_WL eval:check_for_def_dkim_welcomelist_from()
+describe USER_IN_DEF_DKIM_WL From: address is in the default DKIM welcome-list
tflags USER_IN_DEF_DKIM_WL nice noautolearn net
reuse USER_IN_DEF_DKIM_WL

+
###########################################################################
-# Default whitelists. These should be e-mail addresses of authors (i.e.
+# Default welcomelists. These should be e-mail addresses of authors (i.e.
# addresses in the From header field) which send mail that is often
-# tagged (incorrectly) as spam. DKIM whitelisting only applies to mail
+# tagged (incorrectly) as spam. DKIM welcomelisting only applies to mail
# with a valid DKIM (or older DK) signature. An optional second parameter
# can specify a signing domain (the 'd' tag), if different from author's
# domain. Please see Mail::SpamAssassin::Plugin::DKIM man page for details.
@@ -47,6 +90,123 @@ reuse USER_IN_DEF_DKIM_WL
# Whitelist and blacklist addresses are file-glob-style patterns, so
# "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work.

+def_welcomelist_from_dkim *@*.ebay.com ebay.com
+def_welcomelist_from_dkim *@ebay.com
+def_welcomelist_from_dkim *@ebay.co.uk
+def_welcomelist_from_dkim *@*.ebay.co.uk
+def_welcomelist_from_dkim *@ebay.at
+def_welcomelist_from_dkim *@*.ebay.at
+def_welcomelist_from_dkim *@ebay.be
+def_welcomelist_from_dkim *@*.ebay.be
+def_welcomelist_from_dkim *@ebay.de
+def_welcomelist_from_dkim *@*.ebay.de
+def_welcomelist_from_dkim *@ebay.es
+def_welcomelist_from_dkim *@*.ebay.es
+def_welcomelist_from_dkim *@ebay.fr
+def_welcomelist_from_dkim *@*.ebay.fr
+def_welcomelist_from_dkim *@ebay.ie
+def_welcomelist_from_dkim *@*.ebay.ie
+def_welcomelist_from_dkim *@ebay.it
+def_welcomelist_from_dkim *@*.ebay.it
+def_welcomelist_from_dkim *@ebay.nl
+def_welcomelist_from_dkim *@*.ebay.nl
+def_welcomelist_from_dkim *@ebay.pt
+def_welcomelist_from_dkim *@*.ebay.pt
+def_welcomelist_from_dkim *@ebay.ca
+def_welcomelist_from_dkim *@*.ebay.ca
+
+def_welcomelist_from_dkim *@* paypal.com
+def_welcomelist_from_dkim *@paypal.com
+def_welcomelist_from_dkim *@*.paypal.com
+def_welcomelist_from_dkim *@paypal.co.uk
+def_welcomelist_from_dkim *@*.paypal.co.uk
+def_welcomelist_from_dkim *@paypal.at
+def_welcomelist_from_dkim *@*.paypal.at
+def_welcomelist_from_dkim *@paypal.be
+def_welcomelist_from_dkim *@*.paypal.be
+def_welcomelist_from_dkim *@paypal.de
+def_welcomelist_from_dkim *@*.paypal.de
+def_welcomelist_from_dkim *@paypal.es
+def_welcomelist_from_dkim *@*.paypal.es
+def_welcomelist_from_dkim *@paypal.fr
+def_welcomelist_from_dkim *@*.paypal.fr
+def_welcomelist_from_dkim *@paypal.ie
+def_welcomelist_from_dkim *@*.paypal.ie
+def_welcomelist_from_dkim *@paypal.it
+def_welcomelist_from_dkim *@*.paypal.it
+def_welcomelist_from_dkim *@paypal.nl
+def_welcomelist_from_dkim *@*.paypal.nl
+def_welcomelist_from_dkim *@paypal.pt
+def_welcomelist_from_dkim *@*.paypal.pt
+def_welcomelist_from_dkim *@paypal.ca
+def_welcomelist_from_dkim *@*.paypal.ca
+
+def_welcomelist_from_dkim *@cisco.com
+def_welcomelist_from_dkim *@lh.lufthansa.com
+def_welcomelist_from_dkim *@*.milesandmore.com
+def_welcomelist_from_dkim *@mail.hotels.com
+def_welcomelist_from_dkim *@email.hotels.com
+def_welcomelist_from_dkim *@alert.bankofamerica.com
+def_welcomelist_from_dkim *@ealerts.bankofamerica.com
+def_welcomelist_from_dkim *@cc.yahoo-inc.com yahoo-inc.com
+def_welcomelist_from_dkim *@cc.yahoo-inc.com
+def_welcomelist_from_dkim googlealerts-noreply@google.com
+def_welcomelist_from_dkim *@*.google.com
+
+def_welcomelist_from_dkim *@springer.delivery.net
+def_welcomelist_from_dkim *@sci.scientific-direct.net
+def_welcomelist_from_dkim *@strongmail.the-scientist.com
+def_welcomelist_from_dkim *@ealert.nature.com
+def_welcomelist_from_dkim *@gateways.nature.com
+def_welcomelist_from_dkim *@information.nature.com
+def_welcomelist_from_dkim *@newsdesk.world-nuclear-news.org
+def_welcomelist_from_dkim *@biocompare.com
+def_welcomelist_from_dkim *@dentalcompare.com
+def_welcomelist_from_dkim *@medcompare.com
+def_welcomelist_from_dkim *@itbusinessedge.com
+def_welcomelist_from_dkim *@nl.reuters.com
+def_welcomelist_from_dkim *@email.washingtonpost.com
+def_welcomelist_from_dkim *@washingtontimesmail.com
+def_welcomelist_from_dkim *@info-aaas.org
+def_welcomelist_from_dkim *@*.newsmax.com
+def_welcomelist_from_dkim *@zdnet.online.com
+def_welcomelist_from_dkim *@m-w.com
+
+def_welcomelist_from_dkim *@skype.net
+def_welcomelist_from_dkim *@*.skype.net
+def_welcomelist_from_dkim *@*.skype.net skype.net
+def_welcomelist_from_dkim *@*.skype.com
+def_welcomelist_from_dkim *@*.skype.com skype.com
+
+#consider also:
+# def_welcomelist_from_dkim *@avaaz.org
+# def_welcomelist_from_dkim *@techrepublic.online.com
+# def_welcomelist_from_dkim ezines@arcamax.com
+# def_welcomelist_from_dkim *@yousendit.com
+# def_welcomelist_from_dkim *@meetup.com
+# def_welcomelist_from_dkim *@astrology.com
+# def_welcomelist_from_dkim *@google.com
+# def_welcomelist_from_dkim *@amazon.com
+# def_welcomelist_from_dkim *@amazon.co.uk
+# def_welcomelist_from_dkim *@amazon.de
+# def_welcomelist_from_dkim *@amazon.fr
+
+def_welcomelist_from_dkim *@imdb.com amazonses.com
+def_welcomelist_from_dkim *@dhl.com
+def_welcomelist_from_dkim *@tumblr.com
+def_welcomelist_from_dkim *@fisglobal.com
+def_welcomelist_from_dkim *@*.msgfocus.com
+def_welcomelist_from_dkim *@boredpanda.com mailersend.com
+
+else
+
+header USER_IN_DEF_DKIM_WL eval:check_for_def_dkim_whitelist_from()
+describe USER_IN_DEF_DKIM_WL From: address is in the default DKIM welcome-list
+tflags USER_IN_DEF_DKIM_WL nice noautolearn net
+reuse USER_IN_DEF_DKIM_WL
+
+#For older versions of SA, these old entries remain for SA before version 4.0
+
def_whitelist_from_dkim *@*.ebay.com ebay.com
def_whitelist_from_dkim *@ebay.com
def_whitelist_from_dkim *@ebay.co.uk
@@ -155,4 +315,8 @@ def_whitelist_from_dkim *@fisglobal.com
def_whitelist_from_dkim *@*.msgfocus.com
def_whitelist_from_dkim *@boredpanda.com mailersend.com

+endif # if can(Mail::SpamAssassin::Conf::feature_blocklist_welcomelist)
+
endif # Mail::SpamAssassin::Plugin::DKIM
+
+endif # version >= 3.3.0