Bug 6382 - [review] add missing unwhitelist_from_dkim, remove facebook and linkedin from dkim whitelisting
Summary: [review] add missing unwhitelist_from_dkim, remove facebook and linkedin from...
Status: RESOLVED FIXED
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: Plugins (show other bugs)
Version: 3.3.0
Hardware: Other All
: P2 normal
Target Milestone: 3.3.2
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard: ready to commit for 3.3.2
Keywords:
Depends on:
Blocks:
 
Reported: 2010-03-19 13:32 UTC by Michael Scheidell
Modified: 2011-05-09 13:52 UTC (History)
5 users (show)


Attachment Type Modified Status Actions Submitter/CLA Status
unwhitelist_from_dkim text/plain None Michael Scheidell [NoCLA]
A combined patch patch None Mark Martinec [HasCLA]
Show Obsolete (1) Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Scheidell 2010-03-19 13:32:48 UTC 
Created attachment 4715 [details]
unwhitelist_from_dkim

since the introduction of default whitelist_from_dkim rules (some of which may not be in accordance with site policies against social networks), the ability to unwhitelist them is important.

the attached patch against 3.3.0/3.3.1 by mark martinec will add  in the missing unwhitelist_from_dkim

suggest documentation and wiki edits also.
Comment 1 Michael Scheidell 2010-03-19 13:35:23 UTC 
and as suggested, please remove these from default whitelist (facebook and linkedin. ) there is more legit spam from them than forged spam.
Comment 2 Mark Martinec 2010-03-19 17:50:11 UTC 
trunk:
Bug 6382: add in missing unwhitelist_from_dkim
Sending lib/Mail/SpamAssassin/Plugin/DKIM.pm
Committed revision 925353.
Comment 3 Mark Martinec 2010-03-19 17:54:10 UTC 
Bug 6382: removed facebook and linkedin from def_whitelist_from_dkim
Sending rules/60_whitelist_dkim.cf
Committed revision 925354.
Comment 4 Kevin A. McGrail 2010-03-19 20:25:47 UTC 
(In reply to comment #3)
> Bug 6382: removed facebook and linkedin from def_whitelist_from_dkim
> Sending rules/60_whitelist_dkim.cf
> Committed revision 925354.

I can't test the code but I'm +1 on 3.3.2 after reviewing the patch.  

Do we have and statistics on facebook and linkedin spam, though?  I've not seen much linkedin spam.
Comment 5 Mark Martinec 2010-03-20 13:01:27 UTC 
> Bug 6382: add in missing unwhitelist_from_dkim

I intend to enhance the change a bit further to allow more
selective removal of entries based on signing domain too,
so I'm removing the [review] status temporarily. The patch
is alright as it is now for those who need the functionality
right away.
Comment 6 Michael Scheidell 2010-05-12 14:08:41 UTC 
please add youtube to the domains to remove from default opt out.

their email program and process leave no ability to opt-out of the emails.

if you can't opt-out of spam you never requested, you should not have to fight with whitelisting in SA defaults.
Comment 7 Michael Scheidell 2010-05-12 18:07:09 UTC 
(In reply to comment #4)
> (In reply to comment #3)
> > Bug 6382: removed facebook and linkedin from def_whitelist_from_dkim
> > Sending rules/60_whitelist_dkim.cf
> > Committed revision 925354.
> 
> I can't test the code but I'm +1 on 3.3.2 after reviewing the patch.  
> 
> Do we have and statistics on facebook and linkedin spam, though?  I've not seen
> much linkedin spam.

as a fyi, facebook gets listed in spamcop all the time.(cisco ironport users?)

(sorry about the wrapping)
<http://www.senderbase.org/senderbase_queries/detailip?search_string=69.63.176.0%2F20>
Comment 8 Mark Martinec 2010-05-13 14:08:27 UTC 
Bug 6382#6: removing service@youtube.com and amazon from def_whitelist_from_dkim
Sending rules/60_whitelist_dkim.cf
Committed revision 943958.
Comment 9 Michael Scheidell 2010-05-13 14:11:13 UTC 
(In reply to comment #8)
> Bug 6382#6: removing service@youtube.com and amazon from
> def_whitelist_from_dkim
> Sending rules/60_whitelist_dkim.cf
> Committed revision 943958.

and, just as a clarification, since I am running 3.3.1.. 
these rule changes are ONLY on 3.3.2, and have not been backported to 3.3.1?
(since I still see linkedin in my 60_whitelist_dkim.cf on 3.3.1)

right? no backporting of these rule changes?
Comment 10 Mark Martinec 2010-05-31 14:47:12 UTC 
(In reply to comment #5)
> I intend to enhance the change a bit further to allow more
> selective removal of entries based on signing domain too,
> so I'm removing the [review] status temporarily. The patch
> is alright as it is now for those who need the functionality
> right away.

Ok, here is now the final version of the change.

With the first version of this patch the unwhitelist_from_dkim command used
only one parameter (email address), just like unwhitelist_from_rcvd, and
removed all addresses regardless of a signing domain (the second parameter
in whitelist_from_dkim).

Now the unwhitelist_from_dkim command has two parameters, exactly like
the whitelist_from_dkim, and both must match for a corresponding entry
to be removed. This allows for selectively removing just some but not all
entries for a given email address.


trunk:
  Bug 6382 - add missing unwhitelist_from_dkim, part deux
Sending lib/Mail/SpamAssassin/Conf/Parser.pm
Sending lib/Mail/SpamAssassin/Plugin/DKIM.pm
Committed revision 949831.
Comment 11 Mark Martinec 2010-05-31 14:52:57 UTC 
Created attachment 4763 [details]
A combined patch

For ease of inspection: this is now a merged final patch, implementing
the unwhitelist_from_dkim configuration option as documented.

Returning to a review status.
Comment 12 Mark Martinec 2010-05-31 15:05:34 UTC 
(In reply to comment #9)
> > Bug 6382#6: removing service@youtube.com and amazon from
> and, just as a clarification, since I am running 3.3.1.. 
> these rule changes are ONLY on 3.3.2, and have not been backported to 3.3.1?
> (since I still see linkedin in my 60_whitelist_dkim.cf on 3.3.1)
> 
> right? no backporting of these rule changes?

No, there is only one set of rules now, the change should be visible
after a sa-update under 3.3.1 as well. There may have been a delay of
a couple of days due to sa-update propagation conditions and some problems
with it. There should no longer be a 'def_whitelist_from_dkim *@linkedin.com'
in 60_whitelist_dkim.cf, along with few other removed entries mentioned
in this PR.
Comment 13 Kevin A. McGrail 2011-05-05 20:03:53 UTC 
Clarifying that I am voting for the patch. 1 more vote needed for 3.3.2.
Comment 14 Michael Scheidell 2011-05-05 20:10:31 UTC 
Just a fyi.  Linkedin slammed a service account. Protected by whitelsting.  No remove options.
Returnpath certified it. And defended the lack of any remove address
Comment 15 Henrik Krohns 2011-05-08 13:25:54 UTC 
+1 looks ok
Comment 16 Mark Martinec 2011-05-09 13:52:14 UTC 
3.3:
  Bug 6382: add missing unwhitelist_from_dkim,
  remove facebook and linkedin from dkim whitelisting
  Sending lib/Mail/SpamAssassin/Conf/Parser.pm
  Sending lib/Mail/SpamAssassin/Plugin/DKIM.pm
  Sending rules/60_whitelist_dkim.cf
Committed revision 1101026.