On Apr 29, 2008, at 7:40 PM, Matt Kettler wrote:
I'm not repeating for the 5th time that there are no trusted
mailservers. Only this host.
That's a contradiction, because "this host" is a mailserver.
Clearly you have a trusted mailserver.
However, in the interest of moving the discussion forward, you have
exactly one trusted mailserver, your MX, which is perfectly valid.
Yes. I'm sorry but this is obvious. I don't know how to pick the
words exactly as you want them, but most people understood what I
meant 5 or 6 replies ago ;-)
The question lies in why does the AWL seem to be confusing forged
email with your own email. That's generally quite critically
dependent on the trust path.
No, that's not the question at all. (more below)
Have you tried running one of the forged messages, and an actual
legitimate message through SA manually with the -D flag to see what
the trusted and untrusted hosts are, as SA sees it?
Yes. Many times. That's not the point of this thread.
The point of this thread is the obvious ease of forging e-mail from
recipient to (same) recipient. It's one situation where the AWL
wouldn't work very well. It would be fairly easy to forge, and
worthwhile enough for botnets to just do this (which they are, in
force, for the last month)
I personally see no value in applying AWL to messages from self to
self. I may be wrong, and I'm open to arguements against this, but I
am suggesting that the AWL module should skip over self->self
messages. It seems too easy to forge, and no gain in doing so.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness
