>>> On 3/29/2012 at 7:17 PM, "[email protected]" <[email protected]> >>> wrote: >> If you trust those ISPs to not forge headers, then add them to the trusted >> list too, and that will push the checking boundary back to where they >> received the message from. >> >> -- >> John Hardin KA7OHZ http://www.impsec.org/~jhardin/ >> [email protected] FALaholic #11174 pgpk -a [email protected] >> key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 >> ----------------------------------------------------------------------- > > Truly? Very Interesting. And just as I was having so much "fun" coming up > with custom rules.
How far can this go? The "last hop" is my own local network address, the box that fetches the mail and feeds it to spamassassin. The "next to last" would the the "ISP" (misnomer, this is actually a mail host provider, not my connectivity provider). The "third" down the line would be the "source" (the IP that sent it to my "mailbox" that I fetch from).
