> Just a guess ... because the "From" address is not > "[EMAIL PROTECTED]"?
I thought the from rule worked on the envelope sender of the email and not the easily forged from header :(
You mean on the easily forged envelope sender instead of the easily forged from header ? :)
Envelope sender is just as easily forged as the head from address, both are provided by the original SMTP sender...
*Everything* on an email is trivially forgable except for the transit header added by the *final* mailserver, which includes the ip address of the server immediately prior to it.
Once you realise this, you can see how whitelisting is easy to fool...(and why spammers have a field day including bogus headers...)
Regards, Simon
------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
