On 1/25/23 12:37, Matus UHLAR - fantomas wrote:
just the headers should be enough.
You can also post headers on site like pastebin.

On 25.01.23 15:34, Andrea Venturoli wrote:
Trying again, with fewer details...

Looking at a quarantined message, the only received header is (anonymized):

Received: from [192.168.xxx.xxx] (xxx-xxx-xxx-xxx.dyn.eolo.it [xxx.xxx.xxx.xxx])
       (authenticated bits=0)
       by xxxxxx.xxxxxxxxxxxxxxxxxxxxx.xx (8.17.1/8.17.1) with ESMTPSA id 
30G71OZ7043441
       (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO)
       for <xxxxxx.x...@xxxxxxxxxxxxxxxxxxxxx.xx>; Mon, 16 Jan 2023 08:01:24 
+0100 (CET)
       (envelope-from xxxxxxxx.xxxx...@xxxxxxxxxxxxxxxxxxxxx.xx)

Running this message through "spamassassin -D -t", I get:

dbg: received-header: parsed as [ ip=xxx.xxx.xxx.xxx 
rdns=xxx-xxx-xxx-xxx.dyn.eolo.it helo=!192.168.xxx.xxx! 
by=xxxxxx.xxxxxxxxxxxxxxxxxxxxx.xx ident= 
envfrom=xxxxxxxx.xxxx...@xxxxxxxxxxxxxxxxxxxxx.it intl=0 >
dbg: received-header: authentication method ESMTPSA
dbg: received-header: relay xxx.xxx.xxx.xxx trusted? yes internal? yes msa? no

So, I'm tempted to conclude that I don't need to mess with internal_networks, msa_networks, and trusted_networks,

Not here, because the "with ESMTPSA" means that mail was received encrypted ("S"ecure) and "A"utenticated. Configuring trusted_networks for mail submission is for clients submitting mail without authentication (which was very common >10 years ago and still persists somewhere).

or call synthesize_received_header in MIMEDefang.

With milter, you need to synthetize Received: header, because milter does see the mail as it came to your MTA, without the locally added Received: header.

Also, strangely, running through the command line, this give a score close to 0 now.

I guess it's just because of this Received: header that wasn't seen when mimedefang processed the mail.

We also have the ALL_TRUSTED rule which

Alas, for some reason, this does not seem to trigger :(

Perhaps there are other Received: headers in the e-mail?

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
(R)etry, (A)bort, (C)ancer

Reply via email to