Bug 7809 - unwhitelist broken
Summary: unwhitelist broken
Status: RESOLVED FIXED
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: spamassassin (show other bugs)
Version: 3.4.2
Hardware: PC Linux
: P2 normal
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-18 23:00 UTC by stephen-spamassassin
Modified: 2020-04-19 06:46 UTC (History)
3 users (show)


Attachment Type Modified Status Actions Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description stephen-spamassassin 2020-04-18 23:00:36 UTC 
Attempting to undo a "def_whitelist_auth" by using "unwhitelist_auth" has no effect.


/var/lib/spamassassin/3.004002/updates_spamassassin_org/60_whitelist_auth.cf:
def_whitelist_auth *@*.getresponse-mail.com

/etc/spamassassin/whitelist.cf
unwhitelist_auth *@*.getresponse-mail.com


E-mail test using "spamassassin -D -t" produces:

-7.5 USER_IN_DEF_SPF_WL     From: address is in the default SPF
                            white-list
Comment 1 RW 2020-04-19 01:25:12 UTC 
The documentation says that unwhitelist_auth cancels whitelist_auth entries not def_whitelist_auth entries, so it's not broken as such or even unexpected, but there should be a way of cancelling def_* entries. Originally these contained uncontroversial senders like paypal, but it's been expanded enormously.
Comment 2 Benny Pedersen 2020-04-19 05:14:27 UTC 
hopefully auth is done in dmarc in future with AuthRes plugin, the current auth approc is to simple to fit user cases with double pass/fails

if def scores begin to be unstable adjust scores then, eg -7.5 could be changed to -6.5

and i think its begin to be more needed to make local corpus score scanning so spammers have to live with local generated scores

its all to easy to know what spamassassin will do if its common rules

todo: Mail::DKIM could be updated to handle openARC sealing so it helps to track more deeply whar happens upstream, and dmarc can then possible be done in AuthRes plugin with is not gone stable yet imho
Comment 3 Henrik Krohns 2020-04-19 06:19:00 UTC 
- unwhitelist_auth now also removes def_whitelist_auth entries

- SPF: add unwhitelist_from_spf to remove both whitelist_from_spf and
  def_whitelist_from_spf entries

Sending        spamassassin-3.4/UPGRADE
Sending        spamassassin-3.4/lib/Mail/SpamAssassin/Conf.pm
Sending        spamassassin-3.4/lib/Mail/SpamAssassin/Plugin/SPF.pm
Sending        spamassassin-3.4/t/spf.t
Sending        trunk/lib/Mail/SpamAssassin/Conf.pm
Sending        trunk/lib/Mail/SpamAssassin/Plugin/SPF.pm
Sending        trunk/t/spf.t
Transmitting file data .......done
Committing transaction...
Committed revision 1876710.
Comment 4 Benny Pedersen 2020-04-19 06:42:43 UTC 
thanks for screwing it up :)
Comment 5 Henrik Krohns 2020-04-19 06:46:26 UTC 
(In reply to Benny Pedersen from comment #4)
> thanks for screwing it up :)

Could you please stop filling bugs with rambling nonsense?