From: "John Rudd" <[EMAIL PROTECTED]>
That sounds odd, doesn't it? "dynamic trusted_networks". The whole
point of a trusted network is that it's a specific network. However,
if a message came from a client who gave SMTP-AUTH, it ought to be
"trusted" (and not subjected to the blacklist checks). And that's what
my feature request boils down to:
Would you care to expound on your theory here. What makes you think
a valid SPF is a sign of a good guy? Spammers can SPF their own
messages. All it does is cut down on bot spam, a very little. I do
have SPF running here. I give it a small scoring range for the
various possible SPF results. SPF present and violated gets a modest
plus score. SPF present and honored gives a very slight negative.
It does not turn up in my top tens of anything, ham or spam. It might
be in the top ten of "tests that never hit anything." But I doubt it
even qualifies for that award.
If the message was authenticated on the most immediate relay, then give
a configuration option which says "trust this message as though it was
from a trusted_network". This could be as simple as allowing an
argument to "trusted_networks" which is a word such as "authenticated",
instead of being a network address.
Now, how to figure out whether or not the message was authenticated ...
I'm not sure what that fingerprint looks like, or if there is one such
fingerprint for all MTAs.
Me paranoid old bitch. Me not trust anybody. Since I have to trust
somebody I do, nominally. (Then I run LOTS of SARE rules as well.)
{^_^} As I say, "Me paranoid old bitch." I don't give spammers an
micron in the "trust" gamble.
