Andrew Doughety wrote: > Hi, > We are trying to perform DNSBL checks on incoming mail and we are > not seeing any actual DNS queries. When looking at the code it seems > that the information on which IP(s) to check is obtained from > X-Originating and X-Apparently-From headers.
No, SA should be checking the IPs from the Received: headers. However, make sure your trust path is working correctly. If you ever see spam matching ALL_TRUSTED, then that email is going to be exempt from DNSBL tests. 9 times out of 10, this is the trust-path guesser being confused by a NAT config. See the wiki on how to fix this: http://wiki.apache.org/spamassassin/TrustPath
