[CentOS] RE: Logwatch / spamassassin

Thu Sep 11 09:38:37 UTC 2008
Ned Slider <ned at unixmail.co.uk>

Bob Hoffman wrote:
>  So..
> 
> To answer my own question...
> 
> so I edited the file /etc/mail/spamassassin/local.cf
> 
> whitelist_from logwatch at localhost.localdomain
> 
> Where localhost.localdomain is your hostname.servername
> 
> And it worked.
> 

Sorry, didn't see you'd answered your own question in my previous reply :)

> However, I am concerned about spoofing. I would think that mail agent and
> spamassassin would have an 'okay, it's a local user' thing going on.
> 
> They do not.
> 
> On the internet there are 1000s of posts like mine, asking questions about
> this and getting no answers. I hope this helps.
> 

The best method (IMHO) is probably not to accept mail from a non-FQDN in 
your MTA. There's no good reason I can think of to accept external mail 
from localhost.localdomain.

Other methods using spamassassin might be to have those mails sent to an 
account that shouldn't be filtered anyway (such as postmaster) or to 
write a some header/body checks unique to your logwatch mails to make 
sure they pass rather than just filtering on the From: sender address.