http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5374
------- Additional Comments From [EMAIL PROTECTED] 2007-03-20 08:17 ------- I'd like to hear Daryl's comments, seeing as he's become the trusted_networks/internal_networks guru ;) > I think DUL type blocklists should only be used if: > > 1. You only check against the first noninternal IP (quite possibly different > to first nontrusted IP if you have a bigger trust algorithm like the one from > BUG 5373) Are you taking the differentiation between trusted_networks and internal_networks into account? I noticed an issue on bug 5373 (at least in terminology) on that point. internal_networks was designed to deal with this issue, since it *does* allow trust to extend further, without affecting the network boundary used to determine which IP to check in the DUL case. The DUL/PBL rules should all be using "-lastexternal" accordingly to take that into account. We definitely do not look further than the "handover to receiver" IP for DUL rules, to avoid this case: > user ip -> isp/3rd party smtp -> receiver > zombie user ip -> forwarder -> receiver That limitation does miss some spam for the forwarder case, but that's better than increasing FPs in the case of "user ip -> 3rd party smtp server in trusted_networks -> receiver". > 2. If you accept SMTP auth mail for local users, your mail server does add the > appropriate Received header that parse_received_line can detect as an > authenticated SMTP session Yep -- documented as an important thing that ISPs need to do. > 3. You're willing to penalise SME type customers that run their own mail > servers > on DSL/dialup lines We haven't made a definite stand on this, but I think those guys are pretty much a lost cause by now. :( SpamAssassin is the _least_ of their worries, with pretty much every major ISP (including AOL) blocking them, afaik. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
