Jo Rhett wrote:
And considering that SpamAssassin doesn't (in many configurations)
even know what recipient address a message has, it might actually be
easier than having the AWL ignore mail from self->self.
It has to, for the AWL to work.
No, it hasn't. The AWL only uses the *senders* address and the IP
address of the client. It doesn't use the recipients address.
The AWL helps discriminate between senders. Not sender->recipient
pairs.
As long as the MSA adds authentication info in it's received header,
this could be fetched from "X-Spam-Relays-Trusted" pseudo header. The
changes to do this would not be more difficult or invlolved than the
changes necessary to exempt self->self mail from the AWL AFAICS.
Easy or not, I don't see the value just yet.
Including the authentication state in the AWL key would
1: Fix the problem you reported (unless I misunderstood you)
2: Fit with the current function of the AWL (discriminating
between senders with no regard for recipient addresses).
The AWL wouldn't work if it didn't know the recipient. Since this is
something it stores in the AWL database we know that the recipient
information is there.
That's strange, considering that the AWL does work now, and it
doesn't know the recipient.
Also, the AWL doesn't store the recipient address in the database.
If you use SQL base AWL, Mail::SpamAssassin::SQLBasedAddrList
will store a username in the database, but neither
Mail::SpamAssassin::Plugin::AWL nor
Mail::SpamAssassin::AutoWhitelist knows anything about that AFAICS.
Also, the username in the database might or might not be the
recipients address or username. This depends entirely on how the
system is setup. Here it is either "mdf" or "spamd", and never
the recipients address or local username (the local users aren't
on the same machine as SA, so it knows nothing about them).
You've presented good logic for acceping mail from self to self. But
you haven't explained by using the AWL for mail from self to self is
better than not having it.
Because it can help discriminate between spam and ham addressed
from self to self. Heres an example:
StupidWebService send self->self addressed ham from relay 1.2.3.4
EvilSpammer send self->self addressed spam from relay 5.6.7.8
(wich, unfortunately, belongs to a big ISP so the relay doesn'ät
get blocked).
One day StupidWebService send a ham that triggered a bunch of
positive hits (including BAYES_99). Since mail from [EMAIL PROTECTED] has
a negative score in the AWL, the mail gets though all right.
One day EvilSpammer manages to send a mail that doesnät hit any
positive rules, but does hit BAYES_00. Since [EMAIL PROTECTED] has a high
positive score in the AWL, the mail still gets flagged as spam.
If the AWL ignore mail from self->self, the two mails in the
above example would have been misclassified.
Regards
/Jonas
--
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
