So I saw on this list a comment about skipping SPF checks for
authenticated users, to use LOCAL_AUTH_RCVD like so:
header LOCAL_AUTH_RCVD Received =~ /\(authenticated as [EMAIL PROTECTED]) by
host.name.dom /
Well, I got this working properly but I found that it doesn't do
anything by itself. I can negative the SPF failure by using
score LOCAL_AUTH_RCVD -10
But negating the score is very different from actually skipping SPF and
DUL checks, which would save some processing that isn't useful.
Grepping for LOCAL_AUTH_RCVD in the source code shows that nothing else
looks for it. So this isn't "how to deal with it properly" it is a
recipe for "how to negate the score" which is entirely different.
Am I overlooking anything? Or do I need to change the code and submit a
patch so that a person can optionally avoid doing DUL and SPF checks on
authenticated e-mail?
--
Jo Rhett
Network/Software Engineer
Net Consonance
