> Henrik K wrote:
> > On Tue, Aug 11, 2009 at 04:31:32AM +0100, RW wrote:
> >> On Sun, 09 Aug 2009 11:33:29 +0100
> >> Cedric Knight <[email protected]> wrote:
> >>
> >>
> >>> header   FH_HELO_EQ_D_D_D_D    X-Spam-Relays-Untrusted =~ /^[^\]]+
> >>> ...
> >>> header   HELO_MISC_IP        X-Spam-Relays-Untrusted =~ /^[^\]]+
> >>>
> >> Possibly this is down to their running on the wrong boundary, these
> >> should be on the internal network boundary.
> > 
> > All these are fixed to -External in SVN/3.3.

On 11.08.09 10:58, Cedric Knight wrote:
> Quite a complicated issue.  I'd posted before
> http://www.nabble.com/Understanding-Trusted-and-Internal-to22282224.html#a22292088
> wondering why such rules didn't check X-Spam-Relays-External.

apparently because that's what trusted relays are for

> However, when I test external equivalents like EXT_HELO_DYNAMIC_IPADDR2,
> I find they hit as much ham (still only a little) and about half as much
> spam.  In other words, testing the first entry of the -Untrusted
> pseudoheader empirically does better for my setup.

It's quite common that people send mail from IPs with generic/dynamic naes.
If they mail you directly, that should be scored, but if they are using smart
relays, it's correct and you shouldn't score them if the ISP intentionally
set up such names for them (just because it wanted to help you rejecting
spam directly from such hosts).

-- 
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
We are but packets in the Internet of life (userfriendly.org)

Reply via email to