On Thu 09/Jul/2015 16:00:52 +0200 Bowie Bailey wrote: >>> On 7/8/2015 8:22 AM, Sam Varshavchik wrote: >>> >>>> Ideally, this should be handled entirely by SpamAssassin, which should >>>> pass through the message immediately, unmodified, if the message was >>>> already tagged with its headers. Each individual SpamAssassin's >>>> installation should generate a long random token, include it in the >>>> headers of all filtered messages, and pass through the message, >>>> unfiltered, if it already has its own token. >>> >>> Interesting idea, but if you are also filtering outbound mail, then >>> anyone receiving your mail will know how to bypass your spam filter >>> unless you somehow delete the SA headers for the outbound messages. >> >> Ok, then a variation of this: the inserted header would contain a >> timestamp, and a hash of the timestamp plus the site-specific random >> token. SpamAssassin can then ignore headers with timestamps more than >> five minutes old, for example; and validate current timestamps by >> recalculating the same hash. > > That might work. Now you've just got to convince someone to implement > it. :)
To implement that in SA requires some convention for distributing boundary servers' trusted tokens. A possibly simpler alternative is to translate X-Spam-Flag into a custom Authentication-Results line. Since Courier guards that header field, MDAs can trust it even if they run on separate boxes. It would remain up to local mailfilters to check whether the header exists and skip xfilter in that case. Ale -- ------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
