Dan Mahoney:
> Hey there all,
>
> We have a couple of recipient canonical maps that do things like
> transform firstname_lastname into username (i.e. dan_mahoney -->
> dmahoney), also handle things like mapping people's former names
> into current names.
>
> This is useful where a user wants to have one canonical spamassassin
> settings folder, WHICH SPAMASS-MILTER GETS BY LOOKING AT THE LEFt
> HAND SIDE OF THE ADDRESS. So we clearly want spamass-milter to
> run after this rewriting happens.
[sorry for shouting, I captalized some text that is problematic.]
The system described in the capitalized text should not rely on the
message HEADER to determine who an email message is for.
For example, this message is sent to your email address, but you
are not in any recipient header. You are in the envelope.
A proper spam filter looks at the ENVELOPE recipient address to
determine who an email message is for.
Canonicalizing the envelope recipient before the DKIM check would
not cause the DKIM check to fail, because DKIM looks at message
content. It also does affect SPF, because SPF looks at where mail
comes from, not recipients.
There is no problem with canonical mapping before DKIM check, as
long as the mapping is limited to the envelope. And it is perfetly
legitimate to use virtual_alias_mnaps for that.
It took a few iterations before I think I hit the root problem.
Wietse
