Good afternoon, Raymond, all,
(Raymond, you probably already know this, but I wanted to quickly
cover it for other people that may also be considering whether or not to
use AWL).
On Sun, 19 Sep 2004, Raymond Dijkxhoorn wrote:
> >> I gotta think this isn't gonna happen... but anyone know if it can? If so,
> >> I'm not going to enable AWL on my server.
> >
> > To the best of my knowledge, this has already been addressed.
> > What goes in the AWL isn't just the raw email address, it's the email
> > address plus the first two octets of the source IP address. For someone
> > to successfully attack this way, the attacker would need a legal IP
> > address in the same class B network as the legitimate sender.
> > If sent from a different network, the +1000 user would show up in
> > a different AWL entry than the legitimate sender.
>
> We turned off AWL, we had a customer that forwarded two spam messages to
> our helpdesk, the third normal message never came in, since his AWL beat
> him...
That's a different issue. If the customer used _forward_ rather
than _bounce_, SA treats the entire message as coming from that email
address and class B network, so yes, the customer's AWL score will be
hurt.
This is why people are encouraged to _bounce_ the original
message, so the sender email address is still the original one, and then
won't hurt the customer.
http://www.stearns.org/doc/spamassassin-setup.current.html#autoreporting
http://www.stearns.org/doc/spamassassin-setup.current.html#restrictreport
http://www.stearns.org/doc/spamassassin-setup.current.html#redirect
Cheers,
- Bill
---------------------------------------------------------------------------
"Nothing in the Constitution compels us to listen to or view any
unwanted communication, whatever its merit....The ancient concept that
`a man's home is his castle' into which `not even the king may enter'
has lost none of it vitality....We therefore categorically reject the
argument that a vendor has a right under the Constitution or otherwise
to send unwanted material into the home of another. If this prohibition
operates to impede the flow of even valid ideas, the answer is that no
one has a right to press even `good' ideas on an unwilling recipient.
That we are often `captives' outside the sanctuary of the home and
subject to objectionable speech and other sound does not mean we must be
captives everywhere....The asserted right of a mailer, we repeat, stops
at the outer boundary of every person's domain."
-- Chief Justice Burger, U.S. Supreme Court
http://www.euro.cauce.org/en/freespeech.html#rowan
--------------------------------------------------------------------------
William Stearns ([EMAIL PROTECTED]). Mason, Buildkernel, freedups, p0f,
rsync-backup, ssh-keyinstall, dns-check, more at: http://www.stearns.org
--------------------------------------------------------------------------
