Mailing List Archive

Hi,

On Sat, 13 Mar 2004 11:04:55 -0500 Mailing List <maillist@anora.org> wrote:

> Is there a way that I can make a whitelist/blacklist rule that basicly says:
>
> allow mail from
>
> myfriendone@yahoo.com
> myfriendtwo@yahoo.com
>
> but disallow mail from everyone else @yahoo.com ?

This sounds like a job for procmail or your mailer's filtering system, not for SA:

:0H
* ^From:.*@yahoo.com
{
:0H
* ^From:.*myfriendone@yahoo.com
inbox

:0H
* ^From:.*myfriendtwo@yahoo.com
inbox

:0
spam
}

> I tried the way below, but it didn't work:
>
> spamassassin --add-addr-to-blacklist yahoo.com
> spamassassin --add-addr-to-whitelist myfriendone@yahoo.com
> spamassassin --add-addr-to-whitelist myfriendtwo@yahoo.com

yahoo.com isn't an address. You may need to spend some quality time with
the SpamAssassin documentation to make this work.

hth,

-- Bob

On Sat, 13 Mar 2004 11:38:06 -0600
Bob Apthorpe <apthorpe+sa@cynistar.net> wrote:

> This sounds like a job for procmail or your mailer's filtering system, not for SA:
>
> :0H
> * ^From:.*@yahoo.com
> {
> :0H
> * ^From:.*myfriendone@yahoo.com
> inbox
>
> :0H
> * ^From:.*myfriendtwo@yahoo.com
> inbox
>
> :0
> spam
> }
>
> hth,
>
> -- Bob
>

I use qmail, and even qmail-scanner (how I run SA) won't block this way.
I thought that was what the auto-whitelist was for, was to block what you
don't want and allow what you do?

I don't know much perl, but maybe I could hack the darn thing to make it work.

By the way, I'm assuming the block of code above was for procmail?

Sincerely,

Gordon E

> By the way, I'm assuming the block of code above was for procmail?

The code from Bob was a procmail recipe, yes.

Just off the top of my head, you could perhaps do something like this. This
is UNTESTED, but should come close to working.

header __YAHOO_FROM From =~ /\@yahoo\.com/
header __YAHOO_FRIENDS From =~ /(?:fred|amy|george)\@yahoo\.com/
meta YAHOO_UGLY (__YAHOO_FROM && !__YAHOO_FRIEND)
score YAHOO_UGLY 100

I think something along the lines of the following might do it in one
statement:

header YAHOO_UGLY From =~ /(?<!fred|amy|george)\@yahoo\.com/

Loren

Actually, the way I've gotten this to work is by editing my access
file. If you put something like this in there it works.

myfriendone@yahoo.com RELAY
myfriendtwo@yahoo.com RELAY
yahoo.com DISCARD

The access file is a first match wins system. So if myfriendone
matches, it ignores the rest. If the email doesn't match either, but does
match the partial domain name "yahoo.com" then it discards it. I've never
tried it specifically with yahoo.com as they've got some really f'cked up
mail headers coming from their spam...er, I mean email service, but it's
worth a try. ^_^

Try editing that and see if it works. I have a batch file setup
on my system to simplify making changes to this file anytime I have to add
someone to it. Like people who are flood spamming me or who have really
screwed up addresses that choke sendmail. Here's the commands I use:

pico /etc/mail/access # use this to edit the file.
makemap hash /etc/mail/access.db < /etc/mail/access #use this to rebuild
the access database.

You're welcome to use VI, Vim, or whatever editor you want. I
prefer pico as it's what I've always used. ^_^ You will definately need
to do the followup makemap command so that the changes take effect. But
that would be what I would recommend for dealing with those pesky yahoo
people. You can still do your normal whitelisting via spam assassin, but
leave the blacklisting to sendmail, or q-mail, or whatever your smtp client
is. Regardless which one it is, they all still read off of the
/etc/mail/access file. Hope this helps.

At 11:04 AM 3/13/04 -0500, Mailing List wrote:
>Is there a way that I can make a whitelist/blacklist rule that basicly says:
>
>allow mail from
>
>myfriendone@yahoo.com
>myfriendtwo@yahoo.com
>
>but disallow mail from everyone else @yahoo.com ?
>
>I tried the way below, but it didn't work:
>
>spamassassin --add-addr-to-blacklist yahoo.com
>spamassassin --add-addr-to-whitelist myfriendone@yahoo.com
>spamassassin --add-addr-to-whitelist myfriendtwo@yahoo.com
>
>Sincerely,
>
>Gordon E.

On Sat, 13 Mar 2004 23:01:19 -0500
Dragoncrest <dragoncrest@voyager.net> wrote:

> Actually, the way I've gotten this to work is by editing my access
> file. If you put something like this in there it works.
>
> myfriendone@yahoo.com RELAY
> myfriendtwo@yahoo.com RELAY
> yahoo.com DISCARD
>
> The access file is a first match wins system. So if myfriendone
> matches, it ignores the rest. If the email doesn't match either, but does
> match the partial domain name "yahoo.com" then it discards it. I've never
> tried it specifically with yahoo.com as they've got some really f'cked up
> mail headers coming from their spam...er, I mean email service, but it's
> worth a try. ^_^
>
> Try editing that and see if it works. I have a batch file setup
> on my system to simplify making changes to this file anytime I have to add
> someone to it. Like people who are flood spamming me or who have really
> screwed up addresses that choke sendmail. Here's the commands I use:
>
> pico /etc/mail/access # use this to edit the file.
> makemap hash /etc/mail/access.db < /etc/mail/access #use this to rebuild
> the access database.
>


I had to install sendmail, because I hadn't installed it when I installed
the system. I felt it was too big of a security hole.

Are you sure that all MTAs use the access.db? From reading the docs,
it sounds like it's only for sendmail. I'm pretty sure that the qmail
docs don't say anything about the access.db, but I'll take another look.


> You're welcome to use VI, Vim, or whatever editor you want. I
> prefer pico as it's what I've always used. ^_^ You will definately need
> to do the followup makemap command so that the changes take effect. But
> that would be what I would recommend for dealing with those pesky yahoo
> people. You can still do your normal whitelisting via spam assassin, but
> leave the blacklisting to sendmail, or q-mail, or whatever your smtp client
> is. Regardless which one it is, they all still read off of the
> /etc/mail/access file. Hope this helps.

Sincerely,
Gordon E.

Postfix does use the access file but you need to ensure that your
main.cf is configured correctly otherwise it will be ignored. We use it
to drop a bunch of mail from a couple bad domains.



>I had to install sendmail, because I hadn't installed it when I
installed
>the system. I felt it was too big of a security hole.
>
>Are you sure that all MTAs use the access.db? From reading the docs,
>it sounds like it's only for sendmail. I'm pretty sure that the qmail
>docs don't say anything about the access.db, but I'll take another
look.

Gary Smith