http://bugzilla.spamassassin.org/show_bug.cgi?id=3615
------- Additional Comments From [EMAIL PROTECTED] 2004-07-18 12:52 ------- Subject: Re: SPF_(PASS|FAIL|SOFTFAIL) rule doesn't hit when it should -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > The following is an unwanted 'feature' in the SPF.pm plugin: > > SPF: relayed through one or more trusted relays, cannot use header-based > Envelope-From, skipping > > The header based Envelope-From *may* be unreliable when a message was > relayed through one or more trusted relays. But I know that the trusted > relays I use (Postfix content filters running on localhost) don't mess > with the envelope from, so this restriction does not apply. There should > be a configuration option to override this restriction. Note that these > relays are recognized as trusted in the above mentioned case. There's not really a good way to detect this reliably; it could also have been gatewayed into a mailing list which would then resend the msg with a new envelope sender. The workaround is to get the trusted relays to record env-sender in the Received header as per http://wiki.apache.org/spamassassin/EnvelopeSenderInReceived . > Additional to my previous comments on "parse_received_headers", this > function is flawed for another reason as well. I know of a couple of > companies where each machine in use will have a public IP, regardless of > the fact that it is connected to the net or not. Which means that a > trusted relay may have a public IP. Therefor, judgement whether a relay > is trusted should ultimately be a decision made in the configuration > files. Or at least it should be possible to override the automatic > detection, which fails for inbound mailservers with a private IP or > trusted relays with a public IP. Yes, and it is. See the "trusted_networks" and/or "internal_networks" settings. - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Exmh CVS iD8DBQFA+tTyQTcbUG5Y7woRAoxoAJ9X8XfOftTHZySx6C+ELNApJ+AGegCgyCpX XMsHTNPi7RlyGy/r4l167mI= =Aq4j -----END PGP SIGNATURE----- ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
