# SpamAssassin rules file: default SPF whitelists
#
# Please don't modify this file as your changes will be overwritten with
# the next update. Use @@LOCAL_RULES_DIR@@/local.cf instead.
# See 'perldoc Mail::SpamAssassin::Conf' for details.
#
# <@LICENSE>
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to you under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at:
# 
#     http://www.apache.org/licenses/LICENSE-2.0
# 
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# </@LICENSE>

###########################################################################
# SPF whitelist rules

ifplugin Mail::SpamAssassin::Plugin::SPF

header USER_IN_SPF_WHITELIST	eval:check_for_spf_whitelist_from()
describe USER_IN_SPF_WHITELIST	From: address is in the user's SPF whitelist
tflags USER_IN_SPF_WHITELIST	userconf nice noautolearn net
reuse USER_IN_SPF_WHITELIST

header USER_IN_DEF_SPF_WL	eval:check_for_def_spf_whitelist_from()
describe USER_IN_DEF_SPF_WL	From: address is in the default SPF white-list
tflags USER_IN_DEF_SPF_WL	userconf nice noautolearn net
reuse USER_IN_DEF_SPF_WL

meta ENV_AND_HDR_SPF_MATCH	(USER_IN_DEF_SPF_WL && __ENV_AND_HDR_FROM_MATCH)
describe ENV_AND_HDR_SPF_MATCH	Env and Hdr From used in default SPF WL Match
tflags ENV_AND_HDR_SPF_MATCH	userconf nice noautolearn net

###########################################################################
# Default whitelists.  These should be addresses which send mail that is often
# tagged (incorrectly) as spam; it also helps that they be addresses of big
# companies with lots of lawyers, so if spammers impersonate them, they'll get
# into big trouble, so it doesn't provide a shortcut around SpamAssassin.
#
# Whitelist and blacklist addresses are now file-glob-style patterns, so
# "[email protected]", "*@isp.com", or "*.domain.net" will all work.
#
# Please do not add unmoderated public mailing lists here.  They are
# too easily abused by spammers.

def_whitelist_from_spf   *@nytimes.com
def_whitelist_from_spf   *@amazon.com
def_whitelist_from_spf   *@amazon.co.uk
def_whitelist_from_spf   *@*.amazon.co.uk
def_whitelist_from_spf   *@ora.com
def_whitelist_from_spf   *@*.ora.com
def_whitelist_from_spf   *@mypoints.com
def_whitelist_from_spf   *@*.mypoints.com
def_whitelist_from_spf   *@paypal.com
def_whitelist_from_spf   *@ebay.com
def_whitelist_from_spf   *@foolsubs.com
def_whitelist_from_spf   *@match.com

# bugtraq: can contain malicious Javascript etc.
def_whitelist_from_spf   *@securityfocus.com

def_whitelist_from_spf   *@mediaunspun.imakenews.net

# sender of Cringley newsletter
def_whitelist_from_spf   *@bdcimail.com

# Silicon.com newslettters - we see thousands of these
def_whitelist_from_spf   *@silicon.com

# C|Net news.com newsletters
def_whitelist_from_spf   *@newsletter.online.com

# bug 1348
def_whitelist_from_spf   *@enews.buy.com
def_whitelist_from_spf   *@palm.m0.net
def_whitelist_from_spf   *@handspring.4at1.com

endif # Mail::SpamAssassin::Plugin::SPF