Benny Pedersen wrote:
>>
>>
>> On Mon, December 8, 2008 05:25, [EMAIL PROTECTED] wrote:
>> > mouss said:
>>
>> bug:
>> Mail::SpamAssassin::Plugin::dbg("FromInTo: Comparing '$from' and
>> '$To");
>>
>> fixed line:
>> Mail::SpamAssassin::Plugin::dbg("FromInTo: Comparing '$from' and
>> '$To'");
>>
>> > well, I send mail to myself sometimes. The only way that this mail
>> > could go is either straight from the mailserver to my inbox
>>
>> ALL_TRUSTED or NO_RELAYS hits ?
>>
>> > (if I am logged in), or from my desktop client, via my mailserver,
>> > to the inbox.
>>
>> this should give ALL_TRUSTED
>>
>> > So it seems to me that any sender claiming to be _me_ would _auth_
>> > to the mailserver.
>>
>> yes
>>
>> > When I implemented this a while ago, some ebay mails violated that,
>> > and mails from monster.com. AFAIK, at least ebay has learned that
>> > such mails are likely to be caught by various reasons (DKIM?)
>>
>> DKIM is not a blacklister, but a whitelist based on if sender really
>> use monster.com mta mail server or not :)
>>
>>
Hi Benny,
my company mailserver is signing all outgoing mail, so I take the liberty to
reject some incoming
mail at the MTA level based on DKIM results.
Likewise, senders pretending to come from my domain are asked to auth at the
MTA level -
SA does not even see these mails
WOlfgang Hamann
