Hello,
On Mon, Mar 28, 2022 at 04:29:00PM +0100, Hugo Mills wrote:
I've just had a brief interchange with a small
charity that uses
DigitalOcean for some of their systems. A password-change mail
from their website was binned by my exim instance, for a score of
8.8 given to it by the Bitfolk SpamAssassin (5.0 of that for
coming from Digital Ocean).
Does the email have a DKIM_VALID_AU report from BitFolk's
SpamAssassin? If so, I am happy to add the domain that's in the
From: address to the allowlist. This would indicate that the content
and source of the email are as intended by the domain owners.
Failing that, if it has an SPF_PASS report then I may be able to
allowlist *by envelope sender*, if the envelope sender also is
unique to them. That would indicate that the domain owner expects
emails with that envelope sender to come from that source.
As an aside, I think that even if one were to decide that mail from
Digital Ocean doesn't deserve to be scored, 3.8 points is still too
high for their email and there's probably something they could do
about that.
Can anyone suggest how, if at all, I can whitelist
mail from that
particular domain in my (Debian) exim4 config
If the email's envelope sender is unique to them, then you could add
a match for it to a file like /etc/exim4/local_sender_allowlist, and
then at the place where you consider an email's SA score you can
exempt senders that match local_sender_allowlist from consideration.
In Debian there is already in
/etc/exim4/conf.d/acl/20_exim4-config_local_deny_exceptions
machinery for checking the envelope sender against the file
CONFDIR/local_sender_whitelist so you could use or copy that
approach.
You'll probably have to look in the Received headers for the
envelope-from.
Depending upon how you have configured your Exim it may already be
checking that file before considering the SA score.
There is no way at the moment for a user to alter the way BitFolk's
SpamAssassin works so you either have to act upon its score or not.
I'm using the Bitfolk SpamAssassin and therefore
have no control
over it?
A big issue that we could possibly alleviate by somehow working out
how to do per-user SpamAssassin configuration. It's not something I
am keen to do as I would rather encourage people to run their own
anti-spam system (or sign up to a paid service that does that).
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting