spamassassin-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 3235] False Positives on FORGED_DEF_WHITELIST
Date Sun, 04 Apr 2004 03:01:19 GMT

------- Additional Comments From  2004-04-03 19:01 -------
(copying reply into bugzsilla comments to keep the thread together)

Marc Perkel replied:
[begin quote]
No - it's not trusted - however - the first received line is from a legit paypal
server - so - can all the received lines be tested to see if ANY of them are legit?

The issue is - some people are getting the email delivered to Server A who then
sends it on to my server for spam processing. So - it should work in that
situation. Or - for backup MX servers that spool and forward when the main
server is down.
[end quote]

No, all Received lines cannot be tested to see if any of them say that this mail
which has a From address was sent through a server.

The only header{s} that can be tested for that are ones that SpamAssassin can
know are not forged.

The headers in this example say that created a Received header
claiming that it received the mail from a server in the domain. If
SpamAssassin cannot trust then it cannot believe that header.
What if instead of it was

The solution for backup MX servers is simple: They should be in the trusted
list. But if you run a SpamAssassin server that filters mail for people who send
it by mail redirection, that's trickier. I agree with you that this bug should
be left reopened as I think about it and I would appreciate any suggestions.

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

View raw message