On 7/10/2006 9:57 PM, Gino Cerullo wrote:
On 10-Jul-06, at 9:16 PM, Daryl C. W. O'Shea wrote:
Snip, snip and more snip.
Also note that SPF isn't the only thing suffering from your trust
path issues, it's just a symptom you've noticed. You'll also
currently be doing dynablock checks against users you'd rather not
be, along with a whole slew of other tests that will FP when SA
thinks it's testing mail from some random system/zombie and not an
authenticated user.
So what you're saying is that I'm better off not scanning authenticated
users. I'll take your word on that.
There's probably just as many advantages as there are disadvantages for
doing it either way.
If you can't inform SA of a user's auth status then you've got to skip
the SA check. If you can provide the auth info, then SA will work fine
(if it supports parsing of your particular auth info), and it's a matter
of personal preference.
Let me know if you're running Postfix 2.3 and can enable the auth
headers in your config. I'll probably get to making a patch tonight
as long as the rain doesn't stop and I don't get distracted by the
big stash of fireworks I've accumulated. :)
Well I'm running Postfix v2.1.3 (standard in OS X Server 10.4.x.) I'm
waiting until Apple previews OS X 10.5 in August to see whether 10.5
includes Postfix v2.3. If not than I may do the upgrade myself in 10.4.
AFAIK, v2.3 is the first to support adding auth headers, so, yeah,
unless you upgrade you'll have to go with the first option.
Since SA is being called by Amavisd-new shouldn't the changes to ignore
authenticated user happen there? I think I read that somewhere, maybe
the Amavis mailing list. That's the problem with being subscribed to
all these lists. They all start to run into each other in your head.
Off to the archives I go.
I know of, but am not at all familiar with Amavisd-new configuration, so
I have no idea. Do what works.
BIG STASH OF FIREWORKS! Boy I'm glad you don't live in my
neighbourhood. :-O
My closest neighbor is about 4 km away so I don't have to worry about
blowing up the neighborhood. I do, however, need lots of fireworks if I
want to annoy them. :)
Daryl
