http://bugzilla.spamassassin.org/show_bug.cgi?id=2462
------- Additional Comments From [EMAIL PROTECTED] 2004-12-02 02:03 -------
Subject: Re: detect SMTP AUTH to avoid dynablock FPs on legit msg
submission
Here's an authenticated TLS connection to the same server:
Received: from [192.168.123.141] (hammer.dostech.net [192.168.123.141])
(authenticated bits=0)
by cyan.dostech.net (8.12.8/8.12.8) with ESMTP id iB29oceg011436
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
for <...>; Thu, 2 Dec 2004 04:50:46 -0500
So, to answer your question Justin, I think we can indeed tell them
apart by the presence of 'authenticated bits' (in the case of Sendmail)
only appearing in connections which are authenticated, regardless of
TLS. The existing patch determines this correctly.
Additionally, I think 'HTTP' should be added to the list (ESMTPS,
ESMTPSA, LMTPS, LMTPSA) of authenticated 'with' methods in the patch
(see bug 4008) since I can't think of any reason why a non-authenticated
session would include 'with HTTP' in the first untrusted relay header,
save for a bad server configuration.
Daryl
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
