https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7021
--- Comment #10 from Ivo Truxa <[email protected]> --- I released another version (v1.0.7), which removes the (partial) IP from the EMAIL_IP identificator when SPF check returns 'pass'. When there is an SPF pass, we assume that the domain owner maintains the responsibility over all IP addresses he authorizes with the SPF record, and hence we keep the same identity for all of them. Because there may be domain owners who declare the +all policy in their SPF, resulting in a pass for anyone (including forgers), I preferred doing the feature optional, so that the administrators can decide for themselves whether they want to use the feature or not. The same IP ignoring happens (since the beginning) also with the DKIM signatures, but was not made optional there. The advantage is less records in the database, less scattering and higher counts per email (catching all sender's messages under the same record, regardless from where he sends, as long as it is from an authorized address). -- You are receiving this mail because: You are the assignee for the bug.
