Answering my own observation this seems to work with my fetchmail based
system:
always_trust_envelope_sender 1
Adding that line to my local.cf has no apparent effect -- at least on
messages from the sender. They're still Passing SPF, but NOT getting
whitelisted.
Try adding
envelope_sender_header Return-Path
I added that as well -- no difference.
Using the manual debug output from above, I noticed,
[7562] dbg: spf: def_whitelist_from_spf: [EMAIL PROTECTED] is
not in DEF_WHITELIST_FROM_SPF
[7562] dbg: spf: whitelist_from_spf: [EMAIL PROTECTED] is not
Are you sure you're checking the correct config file?
Yes. From the debug output,
[7596] dbg: config: using /etc/mail/spamassassin for site rules dir
[7596] dbg: config: read file /etc/mail/spamassassin/local.cf
Which is the file I'm editing.
In any case, other changes to it get picked up
That's the sitewide config file, though, and the debug output explicitly
says [EMAIL PROTECTED] is not in user's
WHITELIST_FROM_SPF.
Ok. I'm not sure what to do about that -- I'm only reporting what I see.
There is only ONE local.cf on this box.
It's REALLY shooting in the dark beause it indicates a possibly broken
parser, but, I'm inclined to suggest that as quoted he has a lead blank
in front of his whitelist_from_spf entry.
I'd also retype it to make sre there are no messed up characters line
a 0xa0 space in there. (I also found
Just for SGs, try changing that whitelist_from_spf [EMAIL PROTECTED]
to a def_whitelist_from_spf [EMAIL PROTECTED]
That made some sense to me to try! But, unfortunately, still no change.
One other possibility, it may be due to issues parsing the
Received: header that your MTA adds. It
On Sun, Jul 13, 2008 at 3:30 PM, mouss [EMAIL PROTECTED] wrote:
If mail is forwarded by a trusted hop before SA, you need
always_trust_envelope_sender=1
There's nothing special about this SA installation. It's just SA
running @ mail.mydomain.com. I'm doing no forwarding from one box
to
if mail contains Received headers indicating that mail was forwarded by a
trusted hop (a hop is not necessarily a box. it may be a proxy, an MTA
instance, ... etc), then addresses may have been rewritten and are thus
untrusted.
On my box there's only my mail server SA. No proxies etc. IIUC
I'm trying to get Spamassassin local configuration setup to
whitleist-by-SPF. The box, as delivered to me, runs Debian with
spamassassin -V
SpamAssassin version 3.2.5-r609689
running on Perl version 5.8.8
In local.cf I've added
whitelist_from_spf [EMAIL PROTECTED]
Checking