On 1/25/23 12:37, Matus UHLAR - fantomas wrote:

just the headers should be enough.
You can also post headers on site like pastebin.

Trying again, with fewer details...

Looking at a quarantined message, the only received header is (anonymized):
Received: from [192.168.xxx.xxx] (xxx-xxx-xxx-xxx.dyn.eolo.it [xxx.xxx.xxx.xxx])
        (authenticated bits=0)
        by xxxxxx.xxxxxxxxxxxxxxxxxxxxx.xx (8.17.1/8.17.1) with ESMTPSA id 
30G71OZ7043441
        (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO)
        for <xxxxxx.x...@xxxxxxxxxxxxxxxxxxxxx.xx>; Mon, 16 Jan 2023 08:01:24 
+0100 (CET)
(envelope-from xxxxxxxx.xxxx...@xxxxxxxxxxxxxxxxxxxxx.xx)

Running this message through "spamassassin -D -t", I get:
dbg: received-header: parsed as [ ip=xxx.xxx.xxx.xxx 
rdns=xxx-xxx-xxx-xxx.dyn.eolo.it helo=!192.168.xxx.xxx! 
by=xxxxxx.xxxxxxxxxxxxxxxxxxxxx.xx ident= 
envfrom=xxxxxxxx.xxxx...@xxxxxxxxxxxxxxxxxxxxx.it intl=0 >
dbg: received-header: authentication method ESMTPSA
dbg: received-header: relay xxx.xxx.xxx.xxx trusted? yes internal? yes msa? no

So, I'm tempted to conclude that I don't need to mess with internal_networks, msa_networks, and trusted_networks, or call synthesize_received_header in MIMEDefang.

Also, strangely, running through the command line, this give a score close to 0 now.



We also have the ALL_TRUSTED rule which

Alas, for some reason, this does not seem to trigger :(



 bye & Thanks
        av.

Reply via email to