Re: locally submitted / outgoing mail hitting multiple rules

Fri, 26 Apr 2019 13:08:32 -0700 

On Fri, 26 Apr 2019, John Hardin wrote:


On Fri, 26 Apr 2019, Matus UHLAR - fantomas wrote:


Btw, sorry John for not answering your last question:

https://marc.info/?l=spamassassin-users&m=153633826515464&w=2


For now, I believe that using (ALL_TRUSTED && __DOS_SINGLE_EXT_RELAY)
is just what I need to prevent all rules from firing:



I think you mean !ALL_TRUSTED, right?


yes, mail with (ALL_TRUSTED && __DOS_SINGLE_EXT_RELAY) is trusted
submission, while (!ALL_TRUSTED && __DOS_SINGLE_EXT_RELAY) is direct-to-MX

I believe that mail who hit bost ALL_TRUSTED and __DOS_SINGLE_EXT_RELAY
should be exempted from hitting __DOS_DIRECT_TO_MX, currently:
meta __DOS_DIRECT_TO_MX __DOS_SINGLE_EXT_RELAY && !__DOS_HAS_LIST_ID && !__DOS_HAS_LIST_UNSUB && !__DOS_HAS_MAILING_LIST && !__DOS_RELAYED_EXT
meta __DOS_DIRECT_TO_MX __DOS_SINGLE_EXT_RELAY && !ALL_TRUSTED && !__DOS_HAS_LIST_ID && !__DOS_HAS_LIST_UNSUB && !__DOS_HAS_MAILING_LIST && !__DOS_RELAYED_EXT 

I see no reason to object to this.


...on second thought... (sigh)
__DOS_DIRECT_TO_MX doesn't imply anything about spam or ham. It's "was the mail submitted directly to this server - no hops prior to that" - which is a neutral fact about the mail. Adding !ALL_TRUSTED changes that meaning, to say "submitted directly *by an untrusted source*". 

Is it valid to do that silently?
Or would it be better to add a new meta like __DOS_DIRECT_TO_MX_UNTRUSTED and modify the rules using __DOS_DIRECT_TO_MX where appropriate (which, granted, is likely all instances - but I don't *know* for sure that is appropriate in all cases) to avoid silently changing the context for rules not in the SA repo? 

That way the *intent* of the rules is clear and unambiguous.


--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhar...@impsec.org    FALaholic #11174     pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  You can’t arm slaves and expect them to remain slaves,
  and similarly, you can’t disarm free citizens and
  expect them to remain free.                                 -- JPFO
-----------------------------------------------------------------------
 5 days until May Day - Remember 110 million people murdered by Communism

Reply via email to