"Christopher X. Candreva" <[EMAIL PROTECTED]> writes: > Before I submit a bug report on this I wanted to check my understanding. > > If I get what's going on, RBL checks such as NJABL_DIALUP and DYNABLOCK > are checked, and weigh in heavily when they are the last hop before local > machines, so even if a dynamicly listed IP is in the Received, it shouldn't > trigger the rule if they used their own mail relay.
That's right. Those rules are not really intended to be used by the first relay. > If this is true: > > We are an ISP providing relay to people, sometimes on outside dial-ups, > through SMTP AUTH. If one of these people sends mail directly to us, > the 3.5 RCVD_IN_NJABL_DIALUP and 2.6 RCVD_IN_DYNABLOCK rules trigger, which > are enough to send it over the 5.0 limit. Ouch. > Would it be correct to have these rules also look for an SMTP AUTH record in > the Received: lines for local delivery ? If the connection in was > authenticated, that should be a good indication it isn't spam. Yes, although you want to be careful to avoid having those be forgeries. > Would this be better as it's own rule (-50 for SMTP AUTH connections), or > as a modifier to the RBL rule ? I think it would be better to modify the Received header code or the RBL code to not run those rules on authenticated connections. I think it would be better to extend trust to those relays. If they're your own IPs, you could just extend trust to them. For external IPs, some sort of configuration option is probably needed, like a local regexp that would indicate that trust can be trusted. Please go ahead and submit a bug. Daniel ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
