Feature request : option to allow more granularity for whitelists and blacklists.
Posted: 20 May 2021, 10:37
Hello
I think as a server administrator that we should have the possibility for more granularity on whitelists and blacklists.
Being limited to the only possibilities offered by the the actual FE is not sufficient.
Spamassasin offers this possibility I think to put more criteria in the blacklist and whitelist configuration files.
Overwrite them to a simplified version is not nice.
At least it would be nice to have an option to *not* overwrite blacklists and whitelists!
Blacklisting an address is often not productive since spammers change addresses.
And what about companies specializing in sending batches of mail: should the entire domain of these companies be blacklisted? In addition, some end users want to receive them, others do not.
And these domains do also send out legitimate mail !
It would therefore be good to at least be able to specify for which user a source address or domain is blocked (the "from" which is now on "*").
In addition, if we put a domain on the blacklist or the whitelist, we should be able to add a criterium of SPF and / or DKIM. Otherwise we run the risk of whitelist-listing a domain as sender and then receive spoofed mail from that domain that is not passed by the legitimate servers ...
For the companies sending out these batches of mail camouflaging them as mailing lists, it seems to me that the header "List-Id:" is important, or "Precedence: bulk", or "X-CampaignID: xyz"
It must be possible that an end-user (not the CPANEL user, but the mail-user inside the CPANEL-account) could say he want to receive x-maillist, but not y-maillist send by the same maillist provider.
Looks to me that a lot of spam is now send in the mode of a "maillist" (of course the end-user did not subscribe, or did "subscribe" very indirectly because he has without paying attention to tick the box of sharing his email with the "partners"...
Thanks to think about these possibilities,
or at least the option to just not overwrite the black/white list and let the admins tweak them.
Maybe just look at a comment at the end of the line : "# do not overwrite" to give the possibility to tweak this.
Thanks for your usefull work !
Yves
--
ICOLEIS.net
I think as a server administrator that we should have the possibility for more granularity on whitelists and blacklists.
Being limited to the only possibilities offered by the the actual FE is not sufficient.
Spamassasin offers this possibility I think to put more criteria in the blacklist and whitelist configuration files.
Overwrite them to a simplified version is not nice.
At least it would be nice to have an option to *not* overwrite blacklists and whitelists!
Blacklisting an address is often not productive since spammers change addresses.
And what about companies specializing in sending batches of mail: should the entire domain of these companies be blacklisted? In addition, some end users want to receive them, others do not.
And these domains do also send out legitimate mail !
It would therefore be good to at least be able to specify for which user a source address or domain is blocked (the "from" which is now on "*").
In addition, if we put a domain on the blacklist or the whitelist, we should be able to add a criterium of SPF and / or DKIM. Otherwise we run the risk of whitelist-listing a domain as sender and then receive spoofed mail from that domain that is not passed by the legitimate servers ...
For the companies sending out these batches of mail camouflaging them as mailing lists, it seems to me that the header "List-Id:" is important, or "Precedence: bulk", or "X-CampaignID: xyz"
It must be possible that an end-user (not the CPANEL user, but the mail-user inside the CPANEL-account) could say he want to receive x-maillist, but not y-maillist send by the same maillist provider.
Looks to me that a lot of spam is now send in the mode of a "maillist" (of course the end-user did not subscribe, or did "subscribe" very indirectly because he has without paying attention to tick the box of sharing his email with the "partners"...
Thanks to think about these possibilities,
or at least the option to just not overwrite the black/white list and let the admins tweak them.
Maybe just look at a comment at the end of the line : "# do not overwrite" to give the possibility to tweak this.
Thanks for your usefull work !
Yves
--
ICOLEIS.net