On Fri, May 10, 2002 at 01:42:01AM -0700, Marc MERLIN wrote:
> I believe I've asked this before, but it's biting me too often and I haven't
> yet found an answer to this:
Ok, so I'll take the lack of answer as "yes this is known, no, no fix yet"
I'm willing to see if I can hack what I need in (i.e. only do DUL against
the last received line before my host), but please someone tell me that
indeed, the feature needs to be written, and that I'm not missing something
or wouldn't otherwise be wasting my time.
> Let's take the following (complete) Received headers:
> Received: from scaup.mail.pas.earthlink.net ([207.217.120.49]:34177
> helo=scaup.prod.itd.earthlink.net)
> by mail2.merlins.org with esmtp (Exim 4.04 #98 (Debian))
> id 1763JV-0006hl-00
> for <[EMAIL PROTECTED]>; Thu, 09 May 2002 22:51:33 -0700
> Received: from pool0497.cvx20-bradley.dialup.earthlink.net ([209.179.251.242]
> helo=earthlink.net)
> by scaup.prod.itd.earthlink.net with smtp (Exim 3.33 #2)
> id 1763JQ-0004o7-00
> for [EMAIL PROTECTED]; Thu, 09 May 2002 22:51:28 -0700
>
>
> SA gives it a combined 4.8 score because it originated from a dialup IP
> (granted, I'm responsible for adding MAPS' DUL to the list of checks)
>
> * 1.3 -- Received via known spam-harbouring dialups
> * 2.0 -- Received via a relay in relays.osirusoft.com
> [RBL check: found 242.251.179.209.relays.osirusoft.com.]
> * 1.5 -- Received from dialup, see http://www.mail-abuse.org/dul/
> [RBL check: found 242.251.179.209.dialups.mail-abuse.org.]
>
> merlin@gandalf:~$ host 242.251.179.209.relays.osirusoft.com.
> 242.251.179.209.relays.osirusoft.com A 127.0.0.3
> which means dialup
>
> So if I understand correctly, you automatically get 2.0 for being on
> osirusoft, and then you get points on top of that (like 1.3 for being listed
> there as part of a DUL)
> In my case, I further lose since the same check against dialups.mail-abuse.org
> also returns a score.
>
> My biggest question is:
> Are there any plans to teach SA not to penalize (or only optionally
> penalize) people who Email me from a dialup IP _directly_, or is there
> already a way to do that?
> I could tell SA that my mailhost is mail2.merlins.org and that it should
> only apply DUL checks against the IP that directly connected to me.
>
> Another thing that should help is that I should be able to tell SA to apply
> the MAPS DUL score or the Osirus DUL score, but not both
> Or is there a way to do that that I don't know about?
Thanks
Marc
--
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/ | Finger [EMAIL PROTECTED] for PGP key
_______________________________________________________________
Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
