http://bugzilla.spamassassin.org/show_bug.cgi?id=3436
Summary: Spams from 'own domain' make it through
Product: Spamassassin
Version: 2.63
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: Rules
AssignedTo: spamassassin-dev@incubator.apache.org
ReportedBy: lwilton@earthlink.net
The following was recently posted on the SA-talk list. This is approximately
the 5th time this exact topic has come up in the last three days:
----------
Hi,
I've been getting a few spams lately that appear to come from my own
email address, and as I've whitelisted our email domain name, they come
through.
Should I remove our domain from the whitelist? Is there some other way
to combat this problem?
----------
SA should have some sort of stock rule to detect a forged "my domain" sender.
This probably would require some configuration option the user would have to
set up, I suppose, to identify the local domain.
I realize there is an argument about 'is SA a spam scanner or a forgery
scanner'; however, in this case in is well known the two are tied closely
together. Thus, it seems like an appropriate stock rule to have from either
viewpoint.
Loren
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Summary: Spams from 'own domain' make it through
Product: Spamassassin
Version: 2.63
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: Rules
AssignedTo: spamassassin-dev@incubator.apache.org
ReportedBy: lwilton@earthlink.net
The following was recently posted on the SA-talk list. This is approximately
the 5th time this exact topic has come up in the last three days:
----------
Hi,
I've been getting a few spams lately that appear to come from my own
email address, and as I've whitelisted our email domain name, they come
through.
Should I remove our domain from the whitelist? Is there some other way
to combat this problem?
----------
SA should have some sort of stock rule to detect a forged "my domain" sender.
This probably would require some configuration option the user would have to
set up, I suppose, to identify the local domain.
I realize there is an argument about 'is SA a spam scanner or a forgery
scanner'; however, in this case in is well known the two are tied closely
together. Thus, it seems like an appropriate stock rule to have from either
viewpoint.
Loren
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.