Hi there,
I was wondering what amavisd-new does exactly to ensure Received
header sanity.
For example if I look at my logs I see
Passed SPAM, [80.92.69.56] [77.87.224.34]
The first IP is the one delivering to my MX, so it can be trusted. The
second IP is the IP from the first host (i.e. last
I'm not sure that amavisd does at all. Spamassassin does a lot to
determine which header matters, and their logic is well documented.
The short version = the first Received line (going backwards) which
isn't trusted. (but Trust is a big topic you need to read about, or
better yet just