Hello, this is a 'scoring fix' with explicit ALPHA status.
Fix/Changes: Policyd-weight didn't check whether the (verified) client hostname matches the sender domain. CL_HOSTNAME_MATCHES_FROM(DOMAIN) uses the score of @helo_ip_in_client_subnet as the context is similiar. Logging (client=<>) changed to also tell the client name provided by postfix. This affects users which try to communicate with microsoft. I myself stumpled about this today (registering with eopen). Log-Example before Fix: 12:01:14 info: weighted check: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 HELO_IP_IN_CL16_SUBNET=-0.41 RESOLVED_IP_IS_NOT_HELO=1.5 (check from: .microsoft. - helo: .internal.smtp.mscom.phx. - helo-domain: .phx.) FROM/MX_MATCHES_NOT_UNVR_HELO(DOMAIN)=1.6 RANDOM_SENDER=0.25 IN_PM_RFCI=3.975 IN_ABUSE_RFCI=3.975; <client=207.46.22.101> <helo=internal.smtp.mscom.phx.gbl> <from=cnfrm...@microsoft.com> <to=i...@kuttendreier.de>; rate: 6.39 Log-Example after Fix: 14:47:56 info: weighted check: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 HELO_IP_IN_CL16_SUBNET=-0.41 (check from: .microsoft. - helo: .internal.smtp.mscom.phx. - helo-domain: .phx.) CL_HOSTNAME_MATCHES_FROM(DOMAIN)=-1.2 RANDOM_SENDER=0.25 IN_PM_RFCI=0.875 IN_ABUSE_RFCI=0.875 <helo_ips: internal.smtp.mscom.phx.gbl 216.32.180.22 207.46.232.182 207.46.197.32>; <instance=207.46.22.101cnfrm...@microsoft.com> <client=delivery.smtp.microsoft.com[207.46.22.101]> <helo=internal.smtp.mscom.phx.gbl> <from=cnfrm...@microsoft.com> <to=>; rate: -4.11 (FYI: HELO_IP_IN_CL16_SUBNET might irritate. This means that the client IP might also be in in the subnet of the _FROM_ addresses. (which is the case here)) -- Robert Felber (PGP: 896CF30B) Munich, Germany ____________________________________________________________ Policyd-weight Mailinglist - http://www.policyd-weight.org/