On 10/29/20 6:51 AM, @lbutlr wrote:
Recently the behavior of spamass-milter or the underlying spamassasin has
changed such that the originating IP for secured submission email is being
tagged for PBL/Dynamic scores. This does;t happen often, but since all mail is
only accepted via TLSv1.2 this should not be happening.
The trouble is, it is happening so rarely I'm having trouble testing and trying
to fix it.
root 793 0.0 0.8 94396 29272 - Ss 21Oct20 0:18.07
/usr/local/sbin/spamass-milter -f -p /var/run/spamass-milter.sock -u spamd -r
10 -i 65.121.55.40/29 -i 127.0.0.1 -e covisp.net
root 5892 0.0 2.0 76688 69996 - Ss 01:19 0:03.90
/usr/local/bin/perl -T -w /usr/local/bin/spamd -u spamd -c -H /var/spool/spamd
-d -r /var/run/spamd/spamd.pid
I think I've seen three mails in the last 10 days have this issue.
So, what do I need to do to return to previous behavior were the originating IP
is not checked for dynamic/PBL when it's an authenticated submission?
If change is not out of the question, take a look at 'spamassassin-milter'
(https://gitlab.com/glts/spamassassin-milter)
It's reliably in use here for production for quite awhile now, and does have a
config option,
auth-untrusted
Treat authenticated senders as untrusted.
If this option is not used, authenticated senders are trusted, and their
messages are not processed with SpamAssassin.
which works as advertised, at least in my minimal testing.
