User Tools

Site Tools


how_to:whitelist_blacklist

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
how_to:whitelist_blacklist [2013/01/11 08:47] – [Blacklist] paulhow_to:whitelist_blacklist [2018/11/14 10:45] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ======Spamfilter Whitelist & Blacklist====== ======Spamfilter Whitelist & Blacklist======
  
-The VPOP3 spamfilter has a whitelist and a blacklist.+The VPOP3 spamfilter has a whitelist and a blacklist for sender addressesIt also has a whitelist and blacklist for words/phrases. 
 + 
 +You can view these lists in the VPOP3 settings by going to **Settings -> Spamfilter -> White/Black Lists**
  
 By default, whenever you send a message, the recipient's address will be added to the whitelist, this is because VPOP3 will assume that the recipient is someone you want to be in contact with. Similarly, if you release a message from the spamfilter quarantine, the sender's address will be added to the whitelist. By default, whenever you send a message, the recipient's address will be added to the whitelist, this is because VPOP3 will assume that the recipient is someone you want to be in contact with. Similarly, if you release a message from the spamfilter quarantine, the sender's address will be added to the whitelist.
Line 9: Line 11:
  
 If you wish, you could adjust the rule weights so that one has precedence over the other, eg set the whitelist weight to '-150' to make the whitelist overrule the blacklist, or the blacklist weight to '150' to make the blacklist overrule the whitelist. If you wish, you could adjust the rule weights so that one has precedence over the other, eg set the whitelist weight to '-150' to make the whitelist overrule the blacklist, or the blacklist weight to '150' to make the blacklist overrule the whitelist.
- 
  
 =====Blacklist===== =====Blacklist=====
Line 20: Line 21:
  
 The Blacklist will not be checked if the header contains three or more 'Reply-To' headers (this is an invalid message, and matches another spamfilter rule) The Blacklist will not be checked if the header contains three or more 'Reply-To' headers (this is an invalid message, and matches another spamfilter rule)
-=====Local Addresses=====+=====Whitelist===== 
 +====Local Addresses====
 If you put an address on the whitelist which is also in a 'local domain', then, by default VPOP3 will ignore that when checking //incoming// mail. This is because spammers often send spam pretending to be from the same domain as the recipient. In most cases, mail from local domains will be sent locally, not incoming, so, usually, this is a sensible rule to follow. If you put an address on the whitelist which is also in a 'local domain', then, by default VPOP3 will ignore that when checking //incoming// mail. This is because spammers often send spam pretending to be from the same domain as the recipient. In most cases, mail from local domains will be sent locally, not incoming, so, usually, this is a sensible rule to follow.
 +
 +If you look in the messages headers of a filtered message, then VPOP3 will add a header line like:
 +
 +  X-VPOP3-WL: Skip Local (email.address)
 +  
 +if this is happening
  
 If you want to tell VPOP3 to check the whitelist for incoming mail from local domain email addresses as well, then go to **Settings -> Spamfilter -> General**, go to the **Script Configuration** tab, and set **CheckLocalWhitelist** to **1**. If you want to tell VPOP3 to check the whitelist for incoming mail from local domain email addresses as well, then go to **Settings -> Spamfilter -> General**, go to the **Script Configuration** tab, and set **CheckLocalWhitelist** to **1**.
  
 Note that in many cases, [[allowing_mail_relay_through_vpop3|external users can actually send mail through VPOP3]] as if they were local users, so their mail won't be spam filtered at all.  Note that in many cases, [[allowing_mail_relay_through_vpop3|external users can actually send mail through VPOP3]] as if they were local users, so their mail won't be spam filtered at all. 
 +
 +====Fields which the Whitelist checks====
 +The Whitelist currently checks the addresses in the **Return-Path**, **Reply-To** and **From** header fields.
 +
 +The Whitelist will not be checked if the header contains three or more 'Reply-To' headers (this is an invalid message, and matches another spamfilter rule). 
 +
 +The 'Reply-To' address will not be checked if it is set to 'noreply@facebookmail.com', as that would whitelist a lot of spam, because that address is often added to the whitelist by out-of-office replies.
 +
 +====Whitelist result info====
 +The spam filter adds a header to the message called 'X-VPOP3-WL' which contains diagnostic information about the whitelist results. It may also add a line 'X-VPOP3-SpamWL' if the whitelist checks have been skipped for some reason.
 +
 +=====Whitelist Words and Blacklist Words=====
 +VPOP3 has a section where you can add data to a whitelist or blacklist of 'words'. You should only add up to 200 entries here, because adding too many can affect performance.
 +
 +In fact the 'words' can be phrases or regular expressions as well as simple words. VPOP3 will check the subject and any 'text' parts of the message for the 'words'. (it will not check attachments). VPOP3 will decode any [[wp>quoted_printable|quoted-printable]] or [[wp>base64]] encoded parts of the message.
 +
 +Note that we would not recommend using **blacklist words** as a general way of adding to the spam filter, as it is relatively inflexible and slow (instead, you may want to look at [[write_your_own_spam_filter_rules|writing your own rules]], but the **whitelist words** can be a good, simple way to whitelist emails which contain your own product names, for instance.
 +
 +====Data Formats====
 +By default, VPOP3 will try to find the 'words' you enter as ASCII character insensitive substring matches. This means that a word of ''Buy Viagra'' will match ''buy viAgra'' but not ''buy  viagra'' (with two spaces) or ''buy<CRLF>viagra'' (split onto two lines). 
 +
 +You can also use [[wp>regular expressions]] to make the checks more flexible, however this can be daunting for people who do not have experience of using regular expressions. To specify a regular expression, you write it as **/**<regular expression**/**<flags> (which is a common format for regular expressions.
 +
 +So, for instance, a regular expression of ''/\bbuy\s+v[1i][a@]gr[a@]/i'' will be a case insensitive match for 'buy viagra' where 'buy' starts on a word break, there is one or more space/tab/line-break between the words, and the 'i' in viagra is an 'i' or a '1', and the 'a's are either 'a' or '@'. So, this one rule would match ''buy v1agr@'', or ''buy      vi@gra'' etc. This shows the power of regular expressions, 
 +
 +===Character Sets===
 +VPOP3 currently does not do any [[wp>character sets|character set]] normalisation. This can cause issues for non-ASCII character sets. For instance, European accented characters may have several different raw forms in different character sets such as [[wp>ISO-8859-1]], [[wp>ISO-8859-2]], [[wp>utf-8]], etc. 
 +
 +This may mean you need to use several whitelist/blacklist word entries to match the several options, or use regular expressions to match them all. If you understand regular expressions, that is generally the simplest way to do.
 +
 +For instance, to match naïve, the ï character is character 239(EF in hex)  in ISO-8859-1, ISO-8859-3 and Unicode. Even though the character number is the same, the UTF-8 encoding means that the Unicode version will usually be transmitted as hex C3 AF, rather than as hex EF.
 +
 +So, a regular expression to match this would be ''/na(\xef|\xc3\xaf)ve/'', or if you want to be case insensitive, you could use ''/na(\xef|\xc3\xaf|\xcf|\xc3\x8f)ve/i'' (Ï is hex CF or hex C3 8F in UTF-8 encoding)
 +
 +In a future version of VPOP3 we may normalise all character sets to UTF-8 encoding which will not affect ASCII characters, but will make it easier to cover all the options for non-ASCII characters.
how_to/whitelist_blacklist.1357894062.txt.gz · Last modified: 2018/11/14 10:44 (external edit)