> That's not what it "just says". The info before it talks about how > SpamAssassin will attempt to detect RFC 3848 style auth tokens (it'll > also detect Sendmail and a few other styles of auth tokens) and how > Postfix is a pain in the ass about this (but finally, optionally, > provides the info in Postfix 2.3).
The smtpd_sasl_authenticated_header option in Postfix has been available since 2005-04-04 in current versions for those who needed it, and indeed with 2.3 since this July for the rest. If is off by default for compatibility and because it is nobody's business (as far as recipients are concerned) to know on what grounds and what technology our local users were authorized to submit their mail to a local MSA. If SA is in the play, mail administrator needs to trade: add the information to header and supply needed information to SA (and to recipients), or protect site setup privacy and cover for roaming users. Mark