Jens Benecke said: > Chris Santerre wrote: > >> WHy would you want to recieve email from dialup IPs?? > > Because otherwise my users would complain. They have dialup IPs. Doh. > > And because I want to be able to receive mail which went DUL -> ISP1 -> > ISP2 > -> my server. This currently gets scored by SA which (IMHO) is wrong.
Pardon my ignorance, but isn't the scenario above exactly the same as a "typical" mail transaction? From what I understand, SMTP AUTH can be used to allow users to send mail through your server from outside your server's configured "trusted" netblocks. However, since your trusted netblock configuration are not visible to the outside world wouldn't an authenticated Received list look exactly like a "non-authenticated but inside the trusted block" Received list? > Unfortunately, qmail doesn't really mark the useage of SMTP AUTH in the > headers. > Additionally, even if qmail did indicate that the transaction was via SMTP AUTH, SpamAssassin really couldn't trust that information in the Received line. A spammer could simply inject a fake Received line with the AUTH markup. SA really can't trust any headers other than those that the end MTA (or any configured trusted servers) have added, right? -- Chris Thielen Easily generate SpamAssassin rules to catch obfuscated spam phrases (0BFU$C/\TED SPA/\/\ P|-|RA$ES): http://www.sandgnat.com/cmos/
