https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6501
--- Comment #3 from Karsten Bräckelmann <[email protected]> 2010-10-19 22:13:25 UTC --- (In reply to comment #2) > A webmail user, logged in from home on the PBL'd address, sends a message. The > webmail host is on my network, as is this mailserver, both on the same private > subnet. It has not passed through any dial-up users via SMTP. This is irrelevant. PBL is being checked against your perimeter, not whether it is passed through a PBL listed IP. > > The common cure for this is to use authentication. > > It's webmail, therefore authenticated? SMTP is not authenticated between the > webmail host and the qmail host it is via a trusted connection over my private > subnet. There is no Received header indicating any kind of authentication. > > I believe this to be a trusted / internal networks configuration issue, or > > missing authentication. Not a bug. > So the problem goes away if the X-Originating-IP header goes away, which is > what led me to believe this is a bug. Should that happen if it were a > authentication issue? Yes. If it is an authenticated submission, as indicated in the headers, the IP would not be checked against PBL and you would indeed get an ALL_TRUSTED hit in your regular scanning. There is no hint in the headers that the X-Original-IP is an authenticated or otherwise trusted source. That's why SA checks it. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
