spamassassin-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzilla-dae...@bugzilla.spamassassin.org
Subject [Bug 3235] False Positives on FORGED_DEF_WHITELIST
Date Sun, 04 Apr 2004 03:01:19 GMT
http://bugzilla.spamassassin.org/show_bug.cgi?id=3235





------- Additional Comments From sidney@sidney.com  2004-04-03 19:01 -------
(copying reply into bugzsilla comments to keep the thread together)

Marc Perkel replied:
[begin quote]
No - it's not trusted - however - the first received line is from a legit paypal
server - so - can all the received lines be tested to see if ANY of them are legit?

The issue is - some people are getting the email delivered to Server A who then
sends it on to my server for spam processing. So - it should work in that
situation. Or - for backup MX servers that spool and forward when the main
server is down.
[end quote]

No, all Received lines cannot be tested to see if any of them say that this mail
which has a paypal.com From address was sent through a paypal.com server.

The only header{s} that can be tested for that are ones that SpamAssassin can
know are not forged.

The headers in this example say that ns1.daguru.net created a Received header
claiming that it received the mail from a server in the paypal.com domain. If
SpamAssassin cannot trust ns1.daguru.net then it cannot believe that header.
What if instead of ns1.daguru.net it was mail.spammer.biz?

The solution for backup MX servers is simple: They should be in the trusted
list. But if you run a SpamAssassin server that filters mail for people who send
it by mail redirection, that's trickier. I agree with you that this bug should
be left reopened as I think about it and I would appreciate any suggestions.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Mime
View raw message