On Thu, 2008-06-19 at 20:37 -0700, Jo Rhett wrote:
> Example: > > host A: 10.0.0.1 generates e-mail, routes via HostB > > Host B: has outside IP 64.13.143.16 > > Received: from arran.svcolo.com (arran.sc.svcolo.com > > [64.13.143.17]) by kininvie.sv.svcolo.com (8.14.1/8.14.1) with ESMTP > > id m5K2o3it016795 for <[EMAIL PROTECTED]>; Thu, 19 Jun 2008 > > 19:50:03 -0700 (PDT) (envelope-from [EMAIL PROTECTED]) > > > > Received: from apc0.sv.svcolo.com (apc0.sv [10.0.0.1]) by > > arran.svcolo.com (8.13.8/8.13.4) with SMTP id m5K2o1sL002910 for <[EMAIL > > PROTECTED] > > >; Thu, 19 Jun 2008 19:50:02 -0700 (PDT) (envelope-from [EMAIL PROTECTED] > > ) > > > > X-Spam-Status: Yes, score=4.157 tagged_above=-10 required=4 > > tests=[AWL=0.656, NORMAL_HTTP_TO_IP=0.001, SPF_FAIL=3.5 > > > Obviously, putting 10/8 into the published SPF record makes no sense > at all, nor does adding 10/8 to the trusted_networks. > > So... how can I say "I trust Host B so much that I don't want to go > any farther for SPF checks?" Do you *need* to get the SPF test to pass, or do you just want to lower the score? If the latter, how about: header XX Received =~ /from \S+\.svcolo\.com (\S+ \[10\.\d\.\d\.\d\]) by arran\.svcolo\.com (/ score XX -5 -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- Perfect Security is unattainable; beware those who would try to sell it to you, regardless of the cost, for they are trying to sell you your own slavery. ----------------------------------------------------------------------- 15 days until the 232nd anniversary of the Declaration of Independence