https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6357
Ivo Truxa <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Ivo Truxa <[email protected]> --- If I am reading the report correctly, I'd tell that the real problem is not with AWL, or with SA, but with the mail server configuration. Forged addresses on own domain should never reach SpamAssassin, they should be rejected in a an early stage when processing the mail, to save resources. It can be easily done either using DKIM or SPF, or simpler even without them by rejecting all email using local domains and not originating on authorized networks. DKIM signature would fix it with AWL even without rejecting the email prior SA. To address the issue anyway, I made a modification in the TxRep plugin (a proposed replacement for AWL). Now, messages originating on internal networks, will be assigned the address 127.0.0.1 (regardless what the real internal IP address was). The fix is in the revision 1.0.6 of TxRep. See https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7021 for more details. As for the reversing the IP list, that is addressed in the bug 6908 (https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6908), and fixed in TxRep too, although the simple reversal is not the right solution. -- You are receiving this mail because: You are the assignee for the bug.
