Webmail: Accepting incoming email only if addressed to some 'authorized' addresses

[Javier]

I have searched the suggestion forum but I have not seen anybody asking for this feature in the SpamCop webmail.

I funnel email from several domains to my SpamCop webmail account. Then, after filtering the junk emails, I have it configured to forward the 'legit' ones to an email address provided by my ISP.

The facts are that I have no control over the 'catch-all' of some domains and, as result, my SC webmail account receives an humongous amount of crap addressed to non-existent accounts under these domains, making easy to pass unnoticed the false positives (drowned amidst a sea of spam) when reporting the junk.

So, my suggestion is to implement in SC Webmail the ability of checking the incoming email against an user-created list of 'authorized' recipients, and filter/delete the incoming emails not addressed to the 'authorized' email addresses contained into this list. It would be sort of disabling the catch-all for the SpamCop Webmail (and would be a complementary feature to the actual 'whitelist').

[Wazoo]

So, my suggestion is to implement in SC Webmail the ability of checking the incoming email against an user-created list of 'authorized' recipients, and filter/delete the incoming emails not addressed to the 'authorized' email addresses contained into this list. It would be sort of disabling the catch-all for the SpamCop Webmail (and would be a complementary feature to the actual 'whitelist').

A bit of work, not exactly as requested (but noting that as requested, the server-load would be pretty dramatic, in my opinion) ..... actually set up a Filter Rule along the lines of To: field does not contain <valid address> ... set it to run at login ...

[Telarin]

Only problem I see with that is emails that were BCCed to you, as your address would not show up in the headers most likely.

[Javier]

A bit of work, not exactly as requested (but noting that as requested, the server-load would be pretty dramatic, in my opinion) ..... actually set up a Filter Rule along the lines of To: field does not contain <valid address> ... set it to run at login ...

That was my first idea, but the filters only would act on the emails in the 'Inbox' and 'Held' folders, without deleting the invalid ones that slip under the SpamAssassin radar and reach my "final" email account (a double filtering for invalid addresses would be necessary: in the SC Webmail and in my mailbox). Thus, I thought about deleting them at arrival to SC Webmail as a more "elegant" and cleaner solution.

Regarding the server load, certainly I don't know the innards of the system but, deleting the mis-addressed mails at arrival (and before reporting) wouldn't reduce the amount of reports finally parsed & submitted by SC (and thus the server load)?

Only problem I see with that is emails that were BCCed to you, as your address would not show up in the headers most likely.

You made a valid point here. Probably it would be necessary to add 'Undisclosed recipients' to the valid "To:" field list.

[michaelanglo]

A bit of work, not exactly as requested (but noting that as requested, the server-load would be pretty dramatic, in my opinion) ..... actually set up a Filter Rule along the lines of To: field does not contain <valid address> ... set it to run at login ...

Actually the server load could be quite small.

Just enhance the Personal Blacklist to look at the "To: " etc fields (Personal Whitelist already does).

Thus Blacklist the entire domain Example.com and whitelist admin[at]example.com, m.smith[at]example.com etc.

The first difficulty is that this (this suggestion and the OP's request but not Wazoo's) would stop SpamAssassin etc. from being able to be useful on spam sent to valid addresses.

Need a one-way scheme so WhitelistB only overrides whitelist ?

[Wazoo]

Regarding the server load, certainly I don't know the innards of the system but, deleting the mis-addressed mails at arrival (and before reporting) wouldn't reduce the amount of reports finally parsed & submitted by SC (and thus the server load)?

You are mixing up / wrapping up a whole myriad of different servers, systems, and applications here.

JT's e-mail system/network has over a dozen systems at present just handling incoming e-mail ... once again noting that SpamCop.net e-mail accounts are but a portion of the services he provides.

The Parsing & Reporting stuff is handled on the Cisco/Ironport systems over on the opposite U.S. coast.

[StevenUnderwood]

Just enhance the Personal Blacklist to look at the "To: " etc fields (Personal Whitelist already does).

Just to clear something up here... Personal Whitelist does NOT look at the To address. Only the Sender and Reply-To: addresses.

[DavidT]

A much better solution would be to get those catch-all accounts disabled....are you absolutely *sure* that's not an option? Fewer and fewer people are using a catch-all anymore...spammers ruined that years ago...and any host worth anything at all will enable the disabling of that feature.

DT

[michaelanglo]

Just to clear something up here... Personal Whitelist does NOT look at the To address. Only the Sender and Reply-To: addresses.

"That turns out not to be the case" (Thanks Sir Kevin Renner)

I just used 15 minutes finding the October 2007 reference when Pezel and DavidT kindly told us

SpamCop Emails Whitelist checks "To:" field and overrides/bypasses all blacklists including Greylisting

But that's not complete, and [...]

The following headers are checked against the whitelist

* Envelope Sender aka Return Path

* From:

* Sender:

Many mailing lists have a "Sender" field added, which remains constant for the list, while the "From" is variable.

==

http://forum.spamcop.net/forums/index.php?...amp;#entry60252

[StevenUnderwood]

"That turns out not to be the case" (Thanks Sir Kevin Renner)

That is fine, but I still do not believe that to be correct. If I had seen it at that time, I would have voiced my challenge then.

The whitelist page specifically states: Mail from users whose email addresses match your whitelist will be passed without checking any DNS blacklists.

The blacklist page expands on it: Mail from users whose email addresses match your blacklist will be blocked without checking any DNS blacklists. The email address checked is the envelope sender which is identified in the headers of the email as the Return-Path. This might be different from the From: address shown in the email.

Nowhere in either of those descriptions does it state Mail TO email addresses in the whitelist will pass unblocked. Nowhere in any of the official SpamCop documentation does it say that either: http://www.spamcop.net/fom-serve/cache/303.html

As a test, I have whitelisted my biggest spammed addresses (yahoo.com, charter, and spamcop) and I should be able to see this weekend.

[DavidT]

I think that Steven is correct. In that previous thread, I didn't specifically state that the "To" is included...Petzl did that, and I didn't correct him, but rather added what Steven has posted here.

DT

[michaelanglo]

I think that Steven is correct. In that previous thread, I didn't specifically state that the "To" is included...Petzl did that, and I didn't correct him, but rather added what Steven has posted here.

I actually did this experimentally, I think neither myself nor Petzel place any reliance on what is or isn't in the Horde documentation. except as a source of information of what is worth trying.

(11 Nov '07) NG spamcop.mail

Results are that X-SpamCop-Whitelisted: appears for both Return-Path:

and From: items and one can also deduce that Return-Path: is tested

before From: because when both are in the Whitelist the Return-Path:

item is shown.

Discussions in the forum claim that whitelist also looks at To: and

Sender: I haven't {yet} verified this though I have checked that Blacklist

doesn't look at To:.

==(17 Nov 2007 NG spamcop.mail

I can now support the claims in the forum with evidence. I poked about

in the mailing lists I get until I found one with a valid e-mail

address in the To: field that is not in From: nor any of the other

fields you mention above. I whitelisted it and immediately got

X-SpamCop-Whitelisted: in the header of the next e-mail from that list.

==

[petzl]

I actually did this experimentally, I think neither myself nor Petzel place any reliance on what is or isn't in the Horde documentation. except as a source of information of what is worth trying.

Below an example of whitelisting working

http://www.spamcop.net/sc?id=z1790053447za...;action=display

I have NZ in my whitelist

if a spammer has NZ ending in senders [at] address it is sent directly to my inbox

(not that it gets opened just reported)

I just use POP not webmail

[DavidT]

I have NZ in my whitelist

if a spammer has NZ ending in senders [at] address it is sent directly to my inbox

But this doesn't address to "To" issue, does it?

I just added one of my various "webmaster" addresses to my SC whitelist, sending test email messages from an unrelated system both before and after explictly "To" that address. The "X-SpamCop-Whitelisted" line was not present in my post-whitelisting test. The reference cited from someone in the newsgroups having performed a test doesn't prove anything...they may very well have goofed up their test. I'm pretty sure that the system works as documented.

DT

[petzl]

But this doesn't address to "To" issue, does it?

I just added one of my various "webmaster" addresses to my SC whitelist, sending test email messages from an unrelated system both before and after explictly "To" that address. The "X-SpamCop-Whitelisted" line was not present in my post-whitelisting test. The reference cited from someone in the newsgroups having performed a test doesn't prove anything...they may very well have goofed up their test. I'm pretty sure that the system works as documented.

For me the whitelist works as I expect it to

Were just giving a sample of spam showing the whitelist works (using email client Bat Voyager)

I cannot recall where I stated that the whitelist looks at the "to" field (It doesnt)?

The Whitelist looks at the "from" address if email Client sending/receiving is Outlook Express (perhaps)

With the "Bat Voyager" My actual email client, this is changed in headers, to "Return-Path" (which is the whitelisted address)

again I rarely use Webmail to receive or send email and were just giving an example

[DavidT]

I cannot recall where I stated that the whitelist looks at the "to" field (It doesnt)?

In this post, made last October:

http://forum.spamcop.net/forums/index.php?...amp;#entry60251

DT

[petzl]

In this post, made last October:

http://forum.spamcop.net/forums/index.php?...amp;#entry60251

Thanks fixed/changed it to From field

[StevenUnderwood]

I can now support the claims in the forum with evidence. I poked about

in the mailing lists I get until I found one with a valid e-mail

address in the To: field that is not in From: nor any of the other

fields you mention above. I whitelisted it and immediately got

X-SpamCop-Whitelisted: in the header of the next e-mail from that list.

==

And my testing shows just the opposite. I whitelisted my underwood[at]spamcop.net and stevenunderwood[at]yahoo.com the whole weekend and saw nothing whitelisted with those addresses while most of my spam came to those addresses. Could you post a tracking URL for one of yours that was whitelisted?

I'm having problems accessing webmail at this moment but I will post one that did not get whitelisted as soon as I do.

This one was sent to underwood[at]spamcop.net: http://www.spamcop.net/sc?id=z1793664355ze...ff82d3cd720d0bz