René Berber wrote:
Hi,
I have a similar problem as the one recently reported by J. Rhett in thread
"skipping SPF checks for authenticated users". I'm trying to use Botnet plugin
and make it not score for authenticated users; having the same for SPF and RBL
would be even better.
So the problem is that SA doesn't recognize that users are authenticated, I saw
this document: http://wiki.apache.org/spamassassin/DynablockIssues which just
says to add a LOCAL_AUTH_RCVD rule that matches your mail server, I did and it
doesn't work as expected: SA matches the rule and adds a 1.0 score, the
pseudo-header shows no authentication was recognized:
That's not what it "just says". The info before it talks about how
SpamAssassin will attempt to detect RFC 3848 style auth tokens (it'll
also detect Sendmail and a few other styles of auth tokens) and how
Postfix is a pain in the ass about this (but finally, optionally,
provides the info in Postfix 2.3).
dbg: metadata: X-Spam-Relays-Untrusted: [ ip=200.52.129.137
rdns=mail.legosoft.com.mx helo= by=cactus-soft.dyndns.org ident=
[EMAIL PROTECTED] intl=0 id=J9POUJ-0001MC-JY auth= ] [
ip=189.149.70.163 rdns=dsl-189-149-70-163.prod-infinitum.com.mx helo=MARISELA
by=mail.legosoft.com.mx ident= envfrom= intl=0 id=kB3G26P6019032 auth= ]
It doesn't look like you have your trusted_networks configured
correctly. Fix that before you even attempt to get auth token detection
working.
Any help clarifying how the LOCAL_AUTH_RCVD rule is used, or an alternative to
make SA recognize the authenticated user, will be appreciated.
I've updated the DynablockIssues wiki page to be clear that custom rules
are only a workaround for less than helpful MTAs.
Using SA 3.1.7, under Solaris 9 with sendmail 8.13.8 and Windwos XP manually for
testing.
Sendmail should be putting a "(authenticated bits=0)" line in its
Received header when the user authenticates. SA will automatically use
this to extend the trust path if the header above it is trusted.
Daryl
