On Wed, 17 Jun 2015 23:08:55 +0200
Franz Schwartau wrote:
> Hi!
>
> A few days ago I replaced AWL with TxRep. From time to time I get
> unusual high scores caused by TxRep since then.
>
> So I started debugging the TxRep plugin a bit. The high scores are
> caused by "HELO: localhost" after sa-learn of a spam mailbox.
>
> In check_senders_reputation() line 1252 reads:
>
> foreach my $rly ( @{$pms->{relays_trusted}},
> @{$pms->{relays_untrusted}} ) {
>
> Thus every relay parsed from Received headers is used. This leads to
> $helo = 'localhost' (line 1256) if there is no from in a Received
> header.
...
> I don't get why TxRep evaluates every relay in line 1252 and
> following. Shouldn't it just use the latest relay?
As far as I can see it does. It works it's way back through the headers
setting $helo as it goes, so $helo ends-up being set on the last
received header tested that matches the criteria (the last tested being
from the lowest received header in the email).
