On 12/17/10 9:57 AM, Ted Mittelstaedt wrote:
On 12/17/2010 9:23 AM, Aaron Bennett wrote:
-----Original Message----- From: Ted Mittelstaedt
[mailto:t...@ipinc.net] Sent: Friday, December 17, 2010 12:20 PM
To: users@spamassassin.apache.org Subject: Re: preventing
authenticated smtp users from triggering PBL
why are you using authenticated SMTP from trusted networks?
The whole point of auth smtp is to come from UN-trusted networks.
I think you are misunderstanding. I may be on an unstrusted network,
but I want to send email through a host on a trusted network. By
authenticating, I can. It was the "trusted host" which authenticated
me, and thus SA needs to take that I was authenticated by a trusted
host into consideration before applying the PBL rule to the address
the mail initiated on.
Right, but a spammer can send a message with the same authenticated
flag set in the mail header through the standard SMTP port because
they are manufacturing the headers out of thin air.
My experience with SA is that if it sees that flag anywhere in the
header, it will assume the mail is safe. I have also had the experience
with earlier versions of SA that they ignore the flag completely but
that was fixed a while ago.
Ted
I use Mimedefang with some home-brewed patches I've been trying to get David to
include for the last 3+ years.
I look for the local port # that the connection comes in on, and pass it in to
SpamAssassin as a hint from the command via --cf=... And port 587 forces a
different rule than 25 does.
This can't be forged.
-Philip
