On Wed, 7 Jul 2010, Louis Guillaume wrote:
> > (spamass-milter doesn't tell SA about auth) ==> [
> > rbl checks run against authenticated user's IP address
> > lack of ALL_TRUSTED for authenticated user's mail
> That last one seems to be my problem. Does the patch fix this? I'll
> try updating and see what happens.
Hi Again!
I just need to clarify one thing that's not clear to me in re-reading our
thread from the other day: Is there a work-around for this?
My users are getting restless. Everytime their ISP changes their IP address I
have to whitelist them!
Uh, I missed the original thread, so maybe this was explained, but why
aren't the users sending mail through their ISP's SMTP server?
Presuming there is a good answer for this, then, have you considered just
whitelisting based on the user's "From:" header? There's a trick to it:
90% of the time, spammers have a harvested address, but *don't* have the
NAME portion of the user's "From:" header.
So build a rule that matches their WHOLE 'From:' header, like this:
header LOC_FROMOURUSER From =~ /^User Name <theiraddr...@example.com>/
Notice the absence of the coomnly usd 'i' flag on the regex.
If they have quotes around their name, include them in the regex.
The entire line shuold *exactly* match what the user's MUA generates.
The only thing that messes this up is when users have the annoying habit
of changing their 'name' on their mail....
Naturally, there is a small risk of having a spammer send a message with
exactly that header, but really, how many of those will there be?
- Charles
