Eric A. Hall wrote:
On 10/25/2006 2:35 PM, Joe Flowers wrote:
If I pre-pend a message's Envelope to it's Body, can Spamassassin do
anything useful with it?
At a minimum you can use the envelope recipient(s) to do some kinds of
spam-trap filtering (eg, is the message addressed to a spamtrap and me).
You can use the envelope sender to do some kinds of whitelisting too (such
as whitelisting your aunt at yahoo even if the you have the whole yahoo
domain otherwise blacklisted, or whitelisting a mailing list "sender"). My
LDAPfilter plugin (http://www.ehsco.com/misc/ldapfilter/) uses them for
these kinds of purposes.
Other possibilities exist too. Envelope sender can be used for some SPF
filters that aren't currently done, for example.
The first problem is that there is no standard header field, and in the
case of envelope recipient(s) where there can be multiple entries, there
is no standard for the field data. I use X-Envelope-To and X-Envelope-From
with typical RFC822 address syntaxes (no "real name" blob, etc), but only
because I had nothing else to use and that structure seems to be the most
obvious and least harmful.
Another consideration is that they have to be created by the MTA, and
spamassassin doesn't have possession of the envelope data so it can't
create them. In my case I have to make postfix generate them in order for
them to be usable, and the LDAPfilter plugin has .cf options that point to
the header fields in questions (eg, "ldapfilter_env_from_header")
But yeah, if they are provided and if there is a way to tell spamassassin
where to look, they are very useful.
It should be mentioned that envelope To: is not there for a reason. :-(
Including it in the header will remove the privacy enabled by Bcc, so if
you have privacy considerations to worry about, you might think twice.
envelope data is available to milters, so SA running via a milter could
take this into consideration without including it in the header. Not
sure if it does, but other milters certainly do.
Ken A.
Pacific.Net
