On Apr 1, 2008, at 5:46 PM, Benny Pedersen wrote:
What I am pointing out is that AWL should not be used for
mail from self to self, because this is an easy forgery.
explain why its a problem when awl logs ip
AWL counts on the spammer not being able to forge someone you
correspond
with normally.
so problem is that awl tracks /16 with is mostly to wide ?
will problem be solved if it was /32 ?
The answer to these questions is "I don't know". It's not clear to
me how spamassassin deals with SMTP AUTH messages from localhost. It
appears that in some situations SA skips the first Received header
and goes to the previous one. That's why I asked the question about
which IP is used.
This is usually true, but forging your own address is trivial.
yep, but ip should still limit the problem very much
I agree.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness