On Wed, 2008-10-29 at 11:15 -0700, John Hardin wrote:
> On Wed, 29 Oct 2008, Karsten Bräckelmann wrote:

> > The thing with noobs and whitelist_from (according to my experience on
> > this list) appears to be a lack of reading. I got the impression most of
> > them just blindly whitelist_from their own domain to be on the safe
> > side, without any prior investigation and usually without any need.

> Agreed, and if they aren't reading the documentation carefully enough to
> see the warnings about using whitelist_from, then they probably aren't
> running a lint either...
> However, if emitting a warning in lint saves having some "why are spams
> hitting USER_IN_WHITELIST??" messages sent to the list, it's probably
> worth doing.

I'm not convinced this would help much, for the reason you mention in
your first paragraph. Also, this would be rather annoying for those
who use it legitimately [1] and know what they are doing.

What I am really wondering about is, *why* they set it in the first
place, and where they found out about this, without actually reading
much documentation.

The funny thing is, that quite a lot of the recent threads regarding
whitelist_from are not asking about spam slipping through, but the
opposite -- they are claiming that whitelisting does *not* work, despite
the setting.


[1] Meh, this one was exceptionally hard to spell correctly.

char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a \x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}