Daryl C. W. O'Shea wrote:
> I suspect that the lack of affected mail in the scoring corpus is the
> reason why it's gone unnoticed. I'd been meaning to run tests to
> compare the hits between:
>
> -- notfirsthop and firstuntrusted
I'd love to see that.
> -- notfirsthop and "not private and not first hop"
>
Well, the current 'notfirsthop' in SA 3.1.0 is actually "notfirsthop,
notinternal, notprivate".
In sub check_rbl_backend they make use of "ip_list_uniq_and_strip_private" on
the fullexternal set of IPs..
They also have an explanation as to why they stopped using firstuntrusted.
-----------------
if ($set =~ /-notfirsthop$/)
{
# use the external IP set, instead of the trusted set; the user may have
# specified some third-party relays as trusted. Also, don't use
# @originating; those headers are added by a phase of relaying through
# a server like Hotmail, which is not going to be in dialup lists anyway.
@ips = $self->ip_list_uniq_and_strip_private(@fullexternal);
if (scalar @ips > 1) { pop @ips; }
}
------------------
Which makes sense. I guess really what you want isn't "firsttrusted".. really,
"firstexternal" wouldn't work either. You really need to know which machine is
acting as the MX so you can do "hostdroppingmailtoMX"
