[Rspamd-Users] Disable specific spam rule?
G.W. Haywood
rspamd at jubileegroup.co.uk
Mon Oct 30 08:58:42 UTC 2023
Hi there,
On Mon, 30 Oct 2023, Panayotis Katsaloulis via Users wrote:
> Hello all and thank you for accepting me in your community.
>
> I have a question. I want to disable a specific rule with rspamd, and
> specifically REPLYTO_EQ_TO_ADDR since it's common for me to send emails to
> myself, for various reasons, and this rule with value of "5.0" makes all
> these emails from myself "spam".
>
> I know and understand that this is what also spammers do (claim that they
> send emails from your own email) but for my case this is not a "problem".
There are better ways than what you propose to achieve your objective.
You could for example whitelist mail which is genuinely from yourself.
Because it is so easy to forge the 'From:' address, your whitelisting
rule(s) would probably need to check a number of other features of the
mail, such as the sending IP address. If you are sending from a local
MTA then simply checking for a sending address of 127.0.0.1 (or ::1)
should be sufficient.
A risk of whitelisting all mail from localhost is that if you suffer a
compromise and find yourself sending malicious messages, then you will
whitelist those too. A cautious approach is advisable with any kind
of whitelisting. In your case whitelisting mail from yourself, sent
only to yourself, and sent by localhost should be safe enough. Then
if the worst happens you would whitelist only malicious messages which
you sent to yourself. :)
--
73,
Ged.
More information about the Users
mailing list