On 1/25/23 12:37, Matus UHLAR - fantomas wrote:
just the headers should be enough.
You can also post headers on site like pastebin.
Trying again, with fewer details...
Looking at a quarantined message, the only received header is (anonymized):
Received: from [192.168.xxx.xxx] (xxx-xxx-xxx-xxx.dyn.eolo.it [xxx.xxx.xxx.xxx])
(authenticated bits=0)
by xxxxxx.xxxxxxxxxxxxxxxxxxxxx.xx (8.17.1/8.17.1) with ESMTPSA id
30G71OZ7043441
(version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO)
for <xxxxxx.x...@xxxxxxxxxxxxxxxxxxxxx.xx>; Mon, 16 Jan 2023 08:01:24
+0100 (CET)
(envelope-from xxxxxxxx.xxxx...@xxxxxxxxxxxxxxxxxxxxx.xx)
Running this message through "spamassassin -D -t", I get:
dbg: received-header: parsed as [ ip=xxx.xxx.xxx.xxx
rdns=xxx-xxx-xxx-xxx.dyn.eolo.it helo=!192.168.xxx.xxx!
by=xxxxxx.xxxxxxxxxxxxxxxxxxxxx.xx ident=
envfrom=xxxxxxxx.xxxx...@xxxxxxxxxxxxxxxxxxxxx.it intl=0 >
dbg: received-header: authentication method ESMTPSA
dbg: received-header: relay xxx.xxx.xxx.xxx trusted? yes internal? yes msa? no
So, I'm tempted to conclude that I don't need to mess with
internal_networks, msa_networks, and trusted_networks, or call
synthesize_received_header in MIMEDefang.
Also, strangely, running through the command line, this give a score
close to 0 now.
We also have the ALL_TRUSTED rule which
Alas, for some reason, this does not seem to trigger :(
bye & Thanks
av.