On 6/10/10 8:13 AM, Greg Troxel wrote:

Louis Guillaume<lo...@zabrico.com>  writes:

On 6/9/10 7:40 AM, Karsten Bräckelmann wrote:
On Wed, 2010-06-09 at 01:51 -0400, Louis Guillaume wrote:
Recently I've had a lot of reports of returned mail from authenticated
users. The messages are being bounced on the way out.

You forgot to provide the reason (SA rules hit) for the messages being
scored above the threshold. We absolutely need them to help you.

They are various, and all valid. The rule evaluation is not the issue
here, it's the fact that the messages should never be passed through
SA to begin with.

The objective now is to tell spamass-milter to ignore authenticated
users, and I have not found anything to say how this is done.

I actually don't mind scoring mail from authenticated users.  Once we
fix the ALL_TRUSTED problem (in spamass-milter I think) then only really
egregious spam will get caught and that's probably ok.

Yes! This would be preferable to blindly trusting. Now I did not realize there was a specific problem with ALL_TRUSTED. If I could see ALL_TRUSTED happen for authenticated users I think I'd be happy.

I would not be surprised if you are getting scored up on PBL from users
on verizon etc.

This is essentially the problem. Authenticated users are getting on PBL. Also some of their ISPs (Cable and Wireless) are not providing reverse-dns lookups, some addresses are on RBLs and they don't seem to be cleaning them before leasing them out. So while these messages are not intended as spam, SpamAssassin is correctly flagging them as spam.

I think what is supposed to happen is

   spamass-milter gets milter macros

   spamass-milter makes a synthetic Received: line that is *not* in the
   message as received.  This proxies for the Received: line that the
   MTA would add.  The synthetic line includes a notation that the
   message was authenticated.

   spamass-milter sends the synthetic Received: line plus message to spamd

   spamd parses the synthetic received line and because of the auth line
   treats the Received line as indicating a local submission instead of a
   from-network hop.  Thus ALL_TRUSTED fires.  (I do not understand where
   in the code this happens, and I'm not sure if this is the plan.)


If you are using pkgsrc, then updating to spamass-milter-0.3.1nb3 will
bring in the Received header patch, bringing spamass-milter to head of
CVS via a patch (in Makefile, not a patches/ file).  I committed nb3 on
2010-06-03.  But, the Received header bug doesn't seem to bother SA.  I
get the following causes/symptoms:

   no macro i (or j??)  ==>   SA claims no received lines, big mess

   no received: patch ==>  no observed troubles

   (spamass-milter doesn't tell SA about auth) ==>  [
       rbl checks run against authenticated user's IP address
       lack of ALL_TRUSTED for authenticated user's mail
       ]


That last one seems to be my problem. Does the patch fix this? I'll try updating and see what happens.

Thanks,

Louis
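
An added illustration of the flow outlined in the thread above (not part of the original messages, and not spamass-milter or SpamAssassin code): a simplified Python model of building a synthetic Received: line from milter macros and deciding from its auth notation whether the hop is a local submission. The macro names are sendmail's; the header layout, host names, addresses and the `classify` helper are assumptions constructed for the example.

```python
import re

# Constructed sample macro sets, keyed by sendmail milter macro names.
AUTH_MACROS = {
    "j": "mail.example.org",              # this MTA's host name
    "i": "o5AEXAMPLE01",                  # queue id
    "{client_name}": "pool-203-0-113-7.example.net",
    "{client_addr}": "203.0.113.7",
    "{auth_authen}": "louis",             # set only after SMTP AUTH succeeds
    "{auth_ssf}": "256",
}
ANON_MACROS = {k: v for k, v in AUTH_MACROS.items() if not k.startswith("{auth")}

def synthetic_received(macros):
    """Proxy for the Received: line the MTA would add (assumed layout)."""
    if "i" not in macros or "j" not in macros:
        return None  # models the 'no macro i/j => no received lines' symptom
    auth = ""
    if macros.get("{auth_authen}"):
        auth = f" (authenticated bits={macros.get('{auth_ssf}', '0')})"
    return (f"Received: from {macros['{client_name}']} "
            f"([{macros['{client_addr}']}]){auth} "
            f"by {macros['j']} with ESMTP id {macros['i']}")

HOP = re.compile(
    r"from (?P<name>\S+) \(\[(?P<ip>[0-9A-Fa-f.:]+)\]\)"
    r"(?P<auth> \(authenticated bits=\d+\))? by (?P<by>\S+)"
)

def classify(received, local_hosts):
    """Return (trusted, ip_to_check_on_dnsbls) for the newest hop."""
    m = HOP.search(received or "")
    if not m:
        return (False, None)          # nothing parseable, nothing to trust
    if m["by"] in local_hosts and m["auth"]:
        return (True, None)           # local submission: no DNSBL lookup on the client
    return (False, m["ip"])           # from-network hop: client IP gets checked

if __name__ == "__main__":
    for label, macros in (("authenticated", AUTH_MACROS), ("anonymous", ANON_MACROS)):
        line = synthetic_received(macros)
        print(label, classify(line, {"mail.example.org"}), line, sep="\n  ")
```
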
