https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7731
Bug ID: 7731
Summary: Add external and msa metadata to RelayCountry
Product: Spamassassin
Version: 3.4.2
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: Plugins
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: Undefined
Per users list discussion
David Jones wrote:
> Maybe allow the RelayCountry check to happen on the msa network or the
> first relay?
>
> Or something like trusted_countries that could provide a limit/boundary
> to the trust of trusted_networks?
>
> Compromised accounts often get abused from foreign/unusual countries. I
> have meta rules and DWL/DBL for emails combined with RelayCountry but
> these are useless in this situation.
Perhaps adding new datadata X-Relay-Countries-External would be enough, it
would check all external IPs (vs untrusted for the default
X-Relay-Countries). I think it could use useful in this and other
situations when there are lots of additional trusted networks.
Maybe also the X-Relay-Countries-MSA to check client IPs from msa_networks.
Might even make it to 3.4.3 if KAM wants to delay rc4 just a little bit more.
:-D
--
You are receiving this mail because:
You are the assignee for the bug.
