> it forges the from field to my own hostname, which is of course in > the whitelist of spamd (it has to be,
No, actually it *doesn't* have to be, and the folks over at the SpamAssassin mailing list consider whitelisting your own domain to be one of the most common and most significant errors you can make. The best approach is to simply exempt authenticated users from SpamAssassin checks, force all your users to use SMTP AUTH, and watch the problem go away. > So to block it I've added an acl check that would compare return-path field > and the from field. If they are different, it most probably is spam. Like, say, this very message coming from this mailing list, which has mismatching return-path and from? -- Dave Pooser Cat-Herder-in-Chief, Pooserville.com "...Life is not a journey to the grave with the intention of arriving safely in one pretty and well-preserved piece, but to slide across the finish line broadside, thoroughly used up, worn out, leaking oil, and shouting GERONIMO!!!" -- Bill McKenna -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
