https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5883
Bill Cole <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] | |cconsult.com --- Comment #11 from Bill Cole <[email protected]> --- Additional unresolved issues with CommuniGate Pro Received headers arises from cases like this (domains and addresses munged): Received: from [74.105.23.238] (account [email protected]) by example.com (CommuniGate Pro HTTP 6.0.7) with CalDAV id 19552558 for [email protected]; Thu, 23 Jan 2014 18:40:05 +0000 This is from a message generated by CommuniGate when a user creates or modifies a calendar event via CalDAV which has others' addresses listed as attendees (i.e. invites, confirmations, and event change notices). This is analogous to a MSA Received header, in that it shows an authenticated sender account and the source IP should not be checked against DNSBLs that identify "dynamic" (i.e. end-user) IPs. If it is the only Received header, it should be considered "trusted" although I don't see any way in SA currently to make that so. That seems like a bigger gap: there ought to be a way to decree that the top/first Received header is "trusted". As it stands (as of 3.3.2,) passing such a message to SA stands a strong chance of false positives because many come from PBL-listed sources and therefore have a thin protection from random hits on other rules. -- You are receiving this mail because: You are the assignee for the bug.
