Page History

...

If you simply use 'whitelist_from', this is quite trivial for spammers to exploit, as it simply examines the From: headers of the mail.

Wiki Markup(NEW) I think use of 'trusted_networks' is the easiest and best - In the form of trusted_networks ip.add.re.ss\[/mask\] ... (default: none) as documented \[http://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_Conf.html#item_trusted_networks_ip_2eadd_2ere_2ess_5b_2fmask_5d__ here\], e.g. trusted_networks 66.111.4.0/24Note: for either of the below to work, you must have your trusted networks set properly. See TrustPath for more details. That said, trusted_networks is NOT a whitelist mechanism in itself.

One way is to use 'whitelist_from_rcvd', which requires a hostname appear in the headers as well.

...