This one from last week didn't make it through SF's downtime: On Thu 16/Jul/2015 10:41:45 +0200 Matus UHLAR - fantomas wrote: >> On Wed 15/Jul/2015 22:41:30 +0200 Bowie Bailey wrote: >>> Unfortunately, SA ignores the header since it is placed at the bottom of >>> the header list rather than inline with the rest of the Received headers. > > On 16.07.15 09:19, Alessandro Vesely wrote: >> SA behavior is not affected by the field position within the header, AFAIK. >> It >> looks rather like a design decision, since SA behaves the same with >> Authentication-Results fields (which are often placed before the topmost >> Received:). > > I don't think SA trusts SPF header below last trusted Received:
You're right, almost. The SPF plugin considers "internal" relays, which seems to be a subset of "trusted". However, the plugin is unable to unfold the fields correctly, and only gets the first line of each. I filed this: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7224 When that bug is fixed, one would need to move Received-SPF: before Received: and s/SPF=/identity=/ on their 2nd line. At that point one would get this: 5085-north:tmp$ spamassassin -D spf < listmsg2.eml >/dev/null Jul 16 20:21:02.583 [21704] dbg: spf: checking to see if the message has a Received-SPF header that we can use Jul 16 20:21:02.584 [21704] dbg: spf: found a Received-SPF header added by an internal host: Received-SPF: pass (Address passes the Sender Policy Framework) identity=MAILFROM; sender=courier-users-boun...@lists.sourceforge.net; remoteip=216.34.181.88; remotehost=lists.sourceforge.net; helo=lists.sourceforge.net; receiver=wmail.tana.it; Jul 16 20:21:02.584 [21704] dbg: spf: re-using mfrom result from Received-SPF header: pass Jul 16 20:21:02.584 [21704] dbg: spf: found a Received-SPF header added by an internal host: Received-SPF: pass (Address passes the Sender Policy Framework) identity=HELO; sender=lists.sourceforge.net; remoteip=216.34.181.88; remotehost=lists.sourceforge.net; helo=lists.sourceforge.net; receiver=wmail.tana.it; Jul 16 20:21:02.584 [21704] dbg: spf: re-using helo result from Received-SPF header: pass Jul 16 20:21:02.592 [21704] dbg: spf: def_whitelist_from_spf: courier-users-boun...@lists.sourceforge.net is not in DEF_WHITELIST_FROM_SPF Jul 16 20:21:02.593 [21704] dbg: spf: whitelist_from_spf: courier-users-boun...@lists.sourceforge.net is not in user's WHITELIST_FROM_SPF Ale -- ------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users