https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6169
--- Comment #4 from Sidney Markowitz <[email protected]> 2009-07-30 14:04:01 PST --- As an additional note on this: As Justin pointed out the "may be forged" is a common situation that whitelist_from_rcvd does handle. In this case whitelist_from_rcvd is looking at the rdns result "localhost" instead of the possibly forged result "alside.com". That doesn't help you because you are telling whiltelist_from_rcvd to look for "localhost" and that is what it sees. If this is a spammer, it is a spammer who has configured the rdns for the mail server's ip address to return the name "localhost". I'm assuming that karotte.org is a domain you have some control over, hence the "localhost" in the whitelist entry. You should look at why you need to have whitelist_from_rcvd specifiying "localhost" instead of "karotte.org". The SPF records for alita.karotte.org and karotte.org say that mail should be coming through mx.karotte.org. If you have the mail set up for local origin mail going into the mail box with a Received header that shows 127.0.0.1 and not the external ip address of the mx mail server, then you need to fix that or change the rdns result for 127.0.0.1 or you won't be able to use whitelist_from_rcvd for that address in a useful way. The whitelist_from_rcvd entry you have now will be fooled by any spammer who configures their rdns to return "localhost". Bottom line is that localhost is not that useful as the domain name in a whitelist_from_rcvd entry. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
