Hello.
I am using TxRep with DBBasedAddrList.
If we learn the following email
ham is email address user@host with signed
spam is email address without user@host without signed
The following reputation is used
ham is [EMAILIP: user@host, rep:xx, count: xx]
spam is [EMAIL: user@host, rep: xx, count: xx].
Because the same storage location is used, the data will be mixed up.
If more spam is learned, there is a risk of false positives for ham.
This is because the weight of EMAILIP is particularly high.
The reason is that $signedby is not used in
DBBasedAddrList::get_addr_entry.
SQLBasedAddrList::get_addr_entry uses $signedby.
Here is a quote from the auto_welcomelist_distinguish_signed section of
TxRep.pm.
Without this option, or for domains that do not use a DKIM signature,
the reputation of legitimate email can get mixed with the reputation of
forgeries.
Given the above statement, I assume the developer knows this.
If the current REPUTATION LOGICS are to be retained, then
DBBasedAddrList::get_addr_entry should use $signedby as well as
SQLBasedAddrList::get_addr_entry?
Thanks.
