Before I submit a bug report on this I wanted to check my understanding.
If I get what's going on, RBL checks such as NJABL_DIALUP and DYNABLOCK
are checked, and weigh in heavily when they are the last hop before local
machines, so even if a dynamicly listed IP is in the Received, it shouldn't
trigger the rule if they used their own mail relay.
If this is true:
We are an ISP providing relay to people, sometimes on outside dial-ups,
through SMTP AUTH. If one of these people sends mail directly to us,
the 3.5 RCVD_IN_NJABL_DIALUP and 2.6 RCVD_IN_DYNABLOCK rules trigger, which
are enough to send it over the 5.0 limit.
Would it be correct to have these rules also look for an SMTP AUTH record in
the Received: lines for local delivery ? If the connection in was
authenticated, that should be a good indication it isn't spam.
Would this be better as it's own rule (-50 for SMTP AUTH connections), or
as a modifier to the RBL rule ?
This is the header we added for an authenticated connection (sendmail
8.12.9):
Received: from DadsMachine (ool-435759ac.dyn.optonline.net [67.87.89.172])
(authenticated bits=0)
by westnet.com (8.12.9/8.12.9) with ESMTP id h7QFfmTS012301
for <[EMAIL PROTECTED]>; Tue, 26 Aug 2003 11:41:49 -0400 (EDT)
-Chris
==========================================================
Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
