On Fri, 07 Jun 2019 15:17:56 -0400 Bill Cole wrote: > On 7 Jun 2019, at 12:52, Niamh Holding wrote: > > > Hello RW, > > > > Friday, June 7, 2019, 5:21:01 PM, you wrote: > > > > R> This is the reason: > > R> > >>> X-Originating-IP: 162.208.32.167 > > > > > > R> Perhaps the rule should be modified to test for by=\S > > > > It's certainly not a Received: header so should not be checked. > > You are free to change this locally. See the documentation of > originating_ip_headers (perldoc Mail::SpamAssassin::Conf) > > SA uses X-Originating-IP and the other headers specified in > originating_ip_headers to synthesize a logical relay event because in > many cases that can be an accurate representation of how a message > was initially submitted to the Internet mail system.
But when a rule is trying to detect a forged received header, it should take reasonable steps to avoid matching such a relay, which is what I think she was trying to say.
