Daryl C. W. O'Shea wrote:
> Cliff Stanford wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Justin Mason wrote:
> >
> > > Yes -- in SpamAssassin 3.2.0, it's picking up a more useful score:
> > > 0.509 in set 1 and 0.905 in set 3. (Not a huge score, but that's
> > > where the GA set it... its optimal score, given FPs and other
> > > rules it overlaps with.)
> >
> > I've just spotted a major flaw then that's going to hit me when
> > this changes.
> >
> > Not being an ISP, I have no idea what my users' IP addresses are at
> > any given time. They authenticate when using SMTP so that I will
> > accept and forward the mail but may well be using an ISP dial-up or
> > DSL account which is in the PBL (or even the XBL).
> >
> > How can I let SpamAssassin know that this is a mail from a trusted
> > source?
>
> http://wiki.apache.org/spamassassin/DynablockIssues
I believe that these users should be automatically trusted IF:
1) They are using SMTP Authentication, AND
2) Your mail server adds authentication information to its
Received line in the message header before handing the
message to SA
The docs imply that this is the case and I seem to remember that it
works this way, but I could not find it mentioned explicitly in the
docs.
--
Bowie
