How to whitelist a domain while blocking forgeries using that domain?

Posted by QuantumMechanic on Server Fault See other posts from Server Fault or by QuantumMechanic
Published on 2012-08-30T18:09:27Z Indexed on 2012/08/30 21:40 UTC
Read the original article Hit count: 208

Filed under:

email

|

emailserver

|

spam

|

spamassassin

How do you deal with the case of:

wanting to whitelist a domain so that emails from it won't get eaten, but
not having emails forged to appear to be from that domain get bogusly whitelisted

whitelist_from_recvd looks promising, but then you have to know at least the TLD of every host that could send you mail from that domain. Often RandomBigCompany.com will outsource email to one or more sending companies (like Constant Contact and the like) in addition to using servers that reverse-resolve to something in its own domain. But it looks like whitelist_from_recvd can only map to one sending server pattern so that would be problematic.

Is there a way to say something like "if email is from domain X, subtract N points from the spam score"?

The idea would be that if the mail is legit, that -N will all but guarantee it isn't considered spam. But if it is spam, hopefully all the other failed tests will render it spam even with the -N being included.

© Server Fault or respective owner

Related posts about email

CRM 2011 - Workflows Vs JavaScripts

as seen on Programmers - Search for 'Programmers'
In the Contact entity, I have the following attributes Preferred email - A read only field of type Email Personal email 1 - An email field Personal email 2 - An email field Work email 1 - An email field Work email 2 - An email field School email - An email field Other email - An email field Preferred… >>> More
Sending Email in Android using JavaMail API without using the default android app(Builtin Email app

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi Folks, I am trying to create a mail sending application in android, If I use `Intent emailIntent = new Intent(android.content.Intent.ACTION_SEND`); This will launch the builtin application of android, I'm trying to send the mail on button click directly without using this app, Please any suggestions… >>> More
Processing Email in Outlook

as seen on Daniel Moth - Search for 'Daniel Moth'
A. Why Goal 1 = Help others: Have at most a 24-hour response turnaround to internal (from colleague) emails, typically achieving same day response. Goal 2 = Help projects: Not to implicitly pass/miss an opportunity to have impact on electronic discussions around any project on the radar. Not achieving… >>> More
Processing Email in Outlook

as seen on Daniel Moth - Search for 'Daniel Moth'
A. Why Goal 1 = Help others: Have at most a 24-hour response turnaround to internal (from colleague) emails, typically achieving same day response. Goal 2 = Help projects: Not to implicitly pass/miss an opportunity to have impact on electronic discussions around any project on the radar. Not achieving… >>> More
email is moved to junk-email folder even though sender is listed as safe

as seen on Super User - Search for 'Super User'
Using Outlook-2007 : Added a sender as safe sender, but still the email from that id goes to junk-email folder. Tried resetting all settings and restarted outlook . any ideas ? Thanks! >>> More

Related posts about emailserver

using own mail server with external domain and dns. Now have internal dns. dkim test not working

as seen on Server Fault - Search for 'Server Fault'
I am not very knowledgeable in this area, but have been able to make great head way. Now i am stuck I setup my own mail server, e.g mailbox.example.com. I had the domain dns point to my mail server in my office. i was able to set up everything working fine. such as dkim and spf records. Recently… >>> More
What exactly is a X-YMailISG header?

as seen on Server Fault - Search for 'Server Fault'
Finally ... our emails are being seen by Yahoo! not as junk anymore. Hurray! However I notice that the Yahoo! receiving MTA adds in a X-YMailISG header. It's very large ... 2**10 bits? Now that I've invested too large a chunk of my waking life in crafting our email headers I'm curious to know… >>> More
Dovecot: no auth attempts in 0 secs (IMAP protocol)

as seen on Server Fault - Search for 'Server Fault'
I'm having a lot of problems configuring dovecot ony vps. I'm already able to send email using port 110 and to receive email using port 25, but I can't connect using port 993 and 995. I'm using self-signed ssl certificates. When I try to connect to 993 this error is logged: Jun 8 19:06:39 MY_HOSTNAME… >>> More
Transfer all 1&1 web and e-mail services to own Synology NAS using No-IP for DDNS

as seen on Server Fault - Search for 'Server Fault'
I have a domain x-treem.net. The registrar is DomainDiscover and I have a hosting package with 1&1 which includes web and e-mail. I also have an additional package with 1&1 - Microsoft Exchange which centralises all my e-mails, tasks, contacts, notes, etc. and I connect to it with my PC (Outlook)… >>> More
Postfix unable to create lock file, permission denied

as seen on Server Fault - Search for 'Server Fault'
I thought I had my postfix configuration all set up on my Amazon Ubuntu server but I guess not. I'm trying to set up an admin email account for 3 virtually hosted Apache websites. Here's my postfix main.cf file: myhostname = ip-XX-XXX-XX-XXX.us-west-2.compute.internal alias_maps = hash:/etc/aliases alias_database… >>> More