Bug 3493 - RFE: new SPF-based whitelisting rules
Summary: RFE: new SPF-based whitelisting rules
Status: RESOLVED DUPLICATE of bug 3487
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Rules (show other bugs)
Version: SVN Trunk (Latest Devel Version)
Hardware: Other other
: P5 normal
Target Milestone: 3.1.0
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-06-09 09:29 UTC by Justin Mason
Modified: 2005-03-05 07:43 UTC (History)
0 users


Attachment Type Modified Status Actions Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Justin Mason 2004-06-09 09:29:53 UTC 
So some postings from Dan on the SPF list brings this to mind.

I suggest we identify some "known-good" sending domains, like ebay.com,
amazon.com, etc., where we can use rules like the following:

  header SPF_WHITELIST_DOMS From:addr =~ /\@(?:amazon\.com|ebay\.com|whatever)$/
  meta SPF_WHITELIST_FROM   (SPF_PASS && FROM_EQ_ENV_FROM && SPF_WHITELIST_DOMS)

In other words, give whitelist points to mails where:

  1. env-from is validated by SPF
  2. header "From:" matches env-from
  3. domain in question is *known* to be good

The domains in SPF_WHITELIST_DOMS could be very extensive; in fact, we could
probably do that better as an eval test/plugin with its own config items, a
la

spf-whitelist-domain   ebay.com amazon.com aol.com yahoo.com ...

sound useful?  AFAICS this will be reliable whitelisting even despite SPF
shortcomings.
Comment 1 Daniel Quinlan 2004-08-27 17:19:45 UTC 
more accuracy and performance bugs going to 3.1.0 milestone
Comment 2 Daryl C. W. O'Shea 2005-03-05 16:34:45 UTC 
Duplicate of Bug 3487.

Although, currently, the implementation for bug 3487 doesn't require that the
header 'From:' match the envelope header used for SPF validation.

Is there really a benefit to doing so?  If it comes from a known-good sending
domain and passes SPF validation, do we really want to keep up with what they
are sticking in the 'From:' header?
Comment 3 Daniel Quinlan 2005-03-05 16:43:39 UTC 
It might make sense to give more points when From: matches EnvelopeFrom.

That being said, I'll leave it to Daryl to see how this fits into bug 3487,
marking as a dup.


*** This bug has been marked as a duplicate of 3487 ***