On Tue, 17 Oct 2006, Jo Rhett wrote:
> Bowie Bailey wrote:
> > Unless you specify it in the configuration, SA has no idea what
> > servers are local for you. In this case, it has to make a guess so it
> > makes the (fairly reasonable) assumption that the most recent received
> > header comes from a local MX.
>
> Oh. I get it. We're trusting headers to be more accurate than
> getifaddrs() ? Am I supposed to agree that this makes sense? Seriously...
>
Yes, because the headers are -supposed- to be the audit-trail that
reports the networks that the SMTP sessions passed thru. These may
have nothing to do with the network that the SA box sits on.
It is entirely resonable to have a SA scanning "appliance" that has
NO smtp traffic on it, it might even be on a completely different
network from the MTA hosts (the MTAs would be using spamc/spamd connects
to get the messages to the SA "appliance"). In which case if
SA were to assume that the local interfaces that it can fondle
have anything to do with the mail stream would be seriously broken.
BWT, RFC-2821 section 4.4 states that SMTP servers MUST add
"Rececived" headers that indicate the x-fer of the message.
So for your milter to hand a message to SA that lacks the corresponding
"Received" header cannot be anything but broken.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
