On Fri, 19 Feb 2021 07:13:14 -0800 (PST) John Hardin wrote: > uOn Fri, 19 Feb 2021, Dan Malm wrote: > > > I have a system that received mail from a webmail product that adds > > a X-Originating-IP header with the IP of the webmail user. > > > > Since Spamassassin for some reason considers that to be a > > Received-header that results in all mails from the webmail hitting > > the RDNS_NONE rule (only IP is added in the header) which I > > currently have set to 0 due to this. > > Could you post a sample of the headers from such? Obfuscate as you > like, I'm just wondering about the order in which they appear. > >
If you just process X-Originating-IP: 1.2.3.4 1.2.3.4 is added to external and untrusted networks and you get X-Spam-Relays-Untrusted: [ ip=1.2.3.4 ... X-Spam-Relays-External: [ ip=1.2.3.4 .. If you have an authenticated (with ESMTPA) Received header above it, that header will be treated as internal and trusted, so it makes no difference, 1.2.3.4 is still the last-external address. The latter case is related to Bug 7590.
