Justin C wrote:
Have you set up an SPF record for your domain? If not, it might be worth
doing so because Spamassassin can use it to detect forged sender
domains. Doing this should avoid the need to whitelist your own domain.
I'm getting spam which is defeating SpamAssassin, I think it's because
*@[ourdomain].com is whitelisted in /etc/local.cf. The problem
messages appear to come from me, the From and Reply-To addresses are:
Brandy Lugo <justin@[ourdomain].com>
the email address is mine, the user name is not.
I'm reluctant to remove '*@[ourdomain].com' from the local spamassassin
file, I don't want spamassassin wasting it's time scanning local
originating messages, but I would like to catch messages like the above.
As Exim hasn't managed to reject it, and spamassassin sees it as
whitelisted, I can only think of procmail to catch these. I've only used
procmail to sort legitimate mail, or send spam (already identified by
sa-exim) to /dev/null. I don't have a clue where to start with this one.
http://www.openspf.org/ has the documentation, a wizard, etc.
http://www.kitterman.com/spf/validate.html has an online checker.
IMO you need both: the wizard doesn't validate what it has generated and
the validator can validate the string before you publish it and
martin@ | Martin Gregorie
gregorie. | Essex, UK