>> The full report contained within the rest of the message claims that >> SA is looking in the Received headers for the forging, and call me >> crazy, but I don't see any hotmail.com in the Received headers here. >> The scenario here > > Exactly. The mail has a hotmail from address, but nothing in the > Received headers says it came from hotmail, so it gets flagged.
I believe the logic is hosed there, then. There's nothing wrong with announcing that your email address is @hotmail.com when sending through another machine. I believe "forged received: header" should mean "this mail server announced themselves as hotmail.com when their dns name resolves to something else." Involving the Received header in this rule just doesn't make any sense. John -- John Madden UNIX Systems Engineer Ivy Tech State College [EMAIL PROTECTED] ------------------------------------------------------- This SF.NET email is sponsored by: Thawte.com Understand how to protect your customers personal information by implementing SSL on your Apache Web Server. Click here to get our FREE Thawte Apache Guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0029en _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
