http://bugzilla.spamassassin.org/show_bug.cgi?id=2462
------- Additional Comments From [EMAIL PROTECTED] 2004-03-29 13:40 ------- Subject: Re: detect SMTP AUTH to avoid dynablock FPs on legit msg submission -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >> 1. for the POP-before-SMTP case, allow SA to give bonus "nice" points >> to IPs that have authed via POP, bug 3086. (If you're talking about >> POP-before-SMTP, best to go there.) > >Shouldn't it still be up to the MTA to tag the Received: line as >authorized? I suppose POP-before-SMTP could be done with some front-end >making the information unavailable to the MTA. That's how it is done currently -- there's several scripts that tail the POP/IMAP logfile and update an access DB file. >> 2. match header data that indicates that the submitter used SMTP AUTH. >> That's this bug. And I agree with Chris Candreva, we need more >> samples from the other MTAs, and this may be a reasonable approach. > >If by (2), you mean we should just handle authorized hosts in one of the >following ways: trust them, don't include them in notfirsthop testing, >or consider them non-dynamic, then I agree. meaning don't include them in nfh testing. - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Exmh CVS iD8DBQFAaJe7QTcbUG5Y7woRApnqAJ9ntutP9pMidkukeenV7dJdr9dD+QCgzuzs PzWjhp0cBbDq0j/NYE0xaN8= =JHdV -----END PGP SIGNATURE----- ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
