Matus UHLAR - fantomas:
Possible workarounds require trusting the Authentication-Results: header
either via SA milter (which would add synthetized Received: header after
it), or via SpamAssassin itself (trust headers added by "host" immediately
after last trusted/internal "Received" header.)
I prefer the second setup, as it's possible to re-check SA score for such
e-mail later.
I have tried receiving mail with fake Authentication-Results: header and it
got deleted by opendkim-milter, to opendkim-milter may be trusted for this
setup.
SA would need an option which hosts to trust Authentication-Results: from.
On 18.05.21 14:12, David Bürgin wrote:
To the SpamAssassin developers: Would you consider adding a
configuration option to trust *all* Authentication-Results headers with
a certain authserv-id
(https://www.rfc-editor.org/rfc/rfc8601#section-2.5)? That would be very
helpful for setups that (securely) manage Authentication-Results headers
themselves.
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=6918
I'll add the info there.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Emacs is a complicated operating system without good text editor.
