Return-Path: Delivered-To: apmail-incubator-spamassassin-dev-archive@www.apache.org Received: (qmail 73524 invoked from network); 4 Apr 2004 18:51:23 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 4 Apr 2004 18:51:23 -0000 Received: (qmail 10466 invoked by uid 500); 4 Apr 2004 18:51:13 -0000 Delivered-To: apmail-incubator-spamassassin-dev-archive@incubator.apache.org Received: (qmail 10446 invoked by uid 500); 4 Apr 2004 18:51:13 -0000 Mailing-List: contact spamassassin-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: List-Id: "SpamAssassin Development" Delivered-To: mailing list spamassassin-dev@incubator.apache.org Received: (qmail 10428 invoked from network); 4 Apr 2004 18:51:13 -0000 Received: from unknown (HELO bugzilla.spamassassin.org) (64.142.3.173) by daedalus.apache.org with SMTP; 4 Apr 2004 18:51:13 -0000 Received: by bugzilla.spamassassin.org (Postfix, from userid 48) id 06B23839F5; Sun, 4 Apr 2004 11:51:17 -0700 (PDT) From: bugzilla-daemon@bugzilla.spamassassin.org To: spamassassin-dev@incubator.apache.org Subject: [Bug 3235] False Positives on FORGED_DEF_WHITELIST X-Bugzilla-Reason: AssignedTo Message-Id: <20040404185117.06B23839F5@bugzilla.spamassassin.org> Date: Sun, 4 Apr 2004 11:51:17 -0700 (PDT) X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N http://bugzilla.spamassassin.org/show_bug.cgi?id=3235 ------- Additional Comments From sidney@sidney.com 2004-04-04 11:51 ------- You would have in the configuration a line like trusted_networks 65.19.133.2 See man Mail::SpamAssassin::Conf for details. You can have more than one trusted_networks options and there is syntax to specify a subnet. That would tell SpamAssassin that 65.19.133.2 does not forge headers, meaning that in this case the mail really was received from a paypal.com server. Assuming that each site that you filter mail for has their own preferences, their preferences would include their own mail server ip addfresses in trusted_networks entries. It's not a matter of "going back to the next level". As soon as you hit a non-trusted server as you go back through the Received headers, SpamAssassin has no way of knowing that anything after that is not forged, even if lower Received headers claim to have servers that are on your trusted list. Again, see the man page for details: You generally don't have to explicitly declare your own servers as trusted, as that can be figured out automatically. But your example is a case where you would need the configuration option. Please let me know if that works out -- If it does we can close the bug again. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.