> So is it the case according to what you´ve said below that with your
> modified logic that setting your MX servers as trusted and MSA will no
> longer result in all mail being trusted? And will that then trust mail
> recieved via SMTP Auth and therefore solve my problem?
I actually only placed a patch in bugzilla for a possible SA enhancement, so
it is not something is going to be published tomorrow. Also, you see RW
already raised a reasonable concern about it. I don't think this or future
patches will get into any SA release before wide acceptance by developers.
You may try to use the patch, anyway. But please note that RW exception is
correct: if your MXes relay incoming mail to your core SA boxes via
authenticated LMTP (or ESMTP), all your incoming mail will be ALL_TRUSTED
(which is very bad).
> Also how does SpamAssassin identify mails as being delivered using
> SMTP Authentication? Does it rely on the MTA updating the header
> appropriately? I found in my Exim config this line which I think is
> doing something like this:
>
> ${if def:authenticated_id {\n\tauth-from $authenticated_id}}
SA identifies that a relay authenticated a submission by inspecting its
"received:" header. Most MSAs in these cases report a specific protocol
after the "with" keyword. In example: "with ESMTP" means the mail was
relayed through the Enhanced (unauthenticated) SMTP protocol, while "with
ESMTPA" would instead mean that the Enhanced SMTP protocol with
Authentication was used.
You may look at the method
Mail::SpamAssassin::Message::Metadata::Received::parse_received_line to
learn more about it.
All this of course only has a meaning as long as one is looking at the
"received:" headers from trustable relays: spammers may easily forge these
headers and their tokens outside of your internal/trust fence...
> thanks for your help, Andy.
You welcome,
Giampaolo
