https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7269
--- Comment #5 from Kevin A. McGrail <[email protected]> --- (In reply to Andrew from comment #4) > (In reply to Kevin A. McGrail from comment #3) > > According to the docs, auto_whitelist_distinguish_signed was added solely > > for 3.3.0 database compatibility: > ... > > If this option is set the SQLBasedAddrList module will keep separate > > database entries for DKIM-validated e-mail addresses and for > > non-validated ones. A pre-requisite when setting this option is that > > a field awl.signedby exists in a SQL table, otherwise SQL operations > > will fail (which is why we need this option at all - for > > compatibility with pre-3.3.0 database schema). A plugin DKIM should > Sorry, but I think that it means that pre-3.3.0 db doesn't have the field > "signed by" and this option should be set to zero when using old scheme > (turned off). So I think the documentation means "why we need this options > to be TURNED OFF". By default this option is turned on (for the latest DB > that has signedby field). > the DKIM separate records is a feature that helps to prevent of trashing the > score for good senders when spammers use someone's "from" field but can not > provide the users correct DKIM signature. when this option is not used and > spammer user the email of some good user we have bad reputation for this > good user just because spamnmer used his email and this is not correct, we > will score the good emails with this incorrect score. For example an > intruder can generate much spam and use email of a victim, the system will > learn that this email is spam by txrep. then our victim writes us a good > email but it is banned by txrep. > so I think this is a feature to prevent such security holes in spam > protection.. and it can be turned off for old db when there were no support > of this feature in txrep/awl. Then have you set option to 0 when using a DB design from 3.4.1? -- You are receiving this mail because: You are the assignee for the bug.
