5295 – RFE: "whitelist_authenticated"

Bug 5295 - RFE: "whitelist_authenticated"

Summary: RFE: "whitelist_authenticated"

Status:	RESOLVED FIXED

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	Libraries (show other bugs)
Version:	SVN Trunk (Latest Devel Version)
Hardware:	Other other

Importance:	P5 enhancement
Target Milestone:	3.2.0
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2007-01-15 05:40 UTC by Justin Mason
Modified:	2007-01-25 04:59 UTC (History)
CC List:	1 user (show)

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Justin Mason 2007-01-15 05:40:20 UTC

http://taint.org/2007/01/10/144318a.html#comments :

Craig Hughes said:

'fwiw, “whitelist_from_spf, whitelist_from_dkim, and whitelist_from_dk” is a
user nightmare. How about one list called “whitelist_if_authenticated”? Users
don’t have any frigging idea if the other end is spf, DKIM or DK. Actually, they
probably don’t know about authentication. How about “whitelist_from” and only
apply the whitelist is authenticated? Actually, that latter thing is probably
bad, in the case where the sender isn’t doing auth, the receiver will think
something’s broken if whitelisting doesn’t work… Maybe whitelist_from and
whitelist_authenticated is the best… ultimately probably moving to just
whitelist_from where it only applies to auth’d mail once more senders are auth’ing.'


He's quite right too ;)  So here's a feature request for
"whitelist_authenticated", which apes the UI of "whitelist_from", but under the
covers translates into all of: whitelist_from_spf, whitelist_from_dkim,
whitelist_from_dk, and whatever other whitelist_from_xxx methods we may add in
future, for the email addr specified.

Comment 1 Justin Mason 2007-01-23 10:54:33 UTC

I'm going to try to get this into 3.2.0.

Comment 2 Daryl C. W. O'Shea 2007-01-23 11:38:42 UTC

I've been thinking about this since whitelist_from_dkim was added... I've yet to
think of a name I'm happy with though.

It's not "whitelist_authenticated" since there's no authentication involved.

"whitelist_authorized" sounds dumb.  Maybe.  I dunno.

"whitelist_auth" is better, but not really accurate (but people can consider it
authorized or authenticated... whatever matches their confusion).

"whitelist_verified" is the closest I can think of that actually reflects what
is going on.


In any case... I'd figured we'd just add a config structure identical to the
"whitelist_from" config sturcture on {conf} and then have the various plugins
use it.

I think we should avoid an accessor in the plugin API that leads to plugins
making copies of the same whitelist... some people have huge whitelists so the
memory bloat would be horrible.

Comment 3 Justin Mason 2007-01-25 04:59:03 UTC

ok, implemented -- I went for "whitelist_auth", and took onboard the note about
authorization v authentication (good point).  Also, the design (a single shared
addrlist on Conf) was the right way to do it, too.

: jm 367...; svn commit -m "bug 5295: add 'whitelist_auth', to whitelist
addresses that send mail using sender-authorization systems like SPF, Domain
Keys, and DKIM"
Sending        lib/Mail/SpamAssassin/Conf.pm
Sending        lib/Mail/SpamAssassin/Plugin/DKIM.pm
Sending        lib/Mail/SpamAssassin/Plugin/DomainKeys.pm
Sending        lib/Mail/SpamAssassin/Plugin/SPF.pm
Sending        t/spf.t
Transmitting file data .....
Committed revision 499774.