RW wrote:
> On Tue, 28 Apr 2009 22:14:21 -0400
> Matt Kettler <mkettler...@verizon.net> wrote:
>
>> Matt Kettler wrote:
>>> LuKreme wrote:
>>>
>>> Of course, first, or last depends on your perspective. I assume RW
>>> was thinking of "first" from a "starting at the inside, working
>>> backwards in time" approach. This is backwards, if you think about
>>> the chronology of the headers, like SA does. However, it makes
>>> sense from a "I'm at my server looking outward at the world" point
>>> of view that most folks work from when thinking about network
>>> topologies.
>> Darnit, I should have checked before sending.
>>
>> The AWL uses the LAST non-private..
>
> Maybe one of us is reading the perl wrong (and it could well be me), or
> we are talking at cross purposes. As I see it, it's going through the
> list of IP addresses, starting with the mail client and working its way
> towards the SA Server. When it finds a routable IP address it sets
> origip and breaks out of the loop.
>
> By your chronological definition of first and last (which is the same as
> mine), that's the FIRST non-private address.
>
> It makes sense to me, if I send you an email, the AWL entry should use
> my IP address not a random gmail server.
Gmail and the like are special cases and could be handled via DNSWL or the like. On the other hand, a spammer can forge Received headers, and this is a serious problem. Using "untrusted" Received headers is broken. Another approach would be to check both (the last external hop and the first possibly-fake "out relay") and use "the worst" result. But this is easier to say than to assess...

>> This is, IMO, completely broken. Why are we allowing folks to declare
>> internal_networks if we're not going to use it, and assume the last
>> non-private is "external". (which, mind you, is different from what
>> the trust-path guesser does. It assumes that IP is your MX.)
>
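The two selection rules being argued about in this thread (RW's "first non-private address, walking from the sender's end" versus "last external hop, walking from our server outward"), plus the "check both and keep the worst" idea from the reply above, as an added Python sketch. This is not SpamAssassin's AWL code; the Received chain, the private-range list, the trusted network and the AWL scores are all constructed for the illustration. It shows why the two readings pick different addresses on the same message, and that the sender-end rule lands on a header no trusted host ever verified.

```python
import ipaddress
import re
from typing import Dict, List, Optional

# Ranges treated as "private" (never usable as an AWL origin), in the spirit
# of the non-private test discussed in the thread. Assumed list, not SA's own.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16",
)]

# Constructed Received chain in message order: the top entry was added last
# (by the host nearest our server), the bottom entry first (nearest the
# sender). Nothing we control added the bottom entry, so its contents are
# whatever the sender chose to write there.
SAMPLE_RECEIVED = [
    "from mx.example.org (mx.example.org [203.0.113.10]) by sa-host.example.org",
    "from relay.bigmail.example (relay.bigmail.example [198.51.100.25]) by mx.example.org",
    "from [192.168.1.5] (localhost [127.0.0.1]) by relay.bigmail.example",
    "from claimed.example.net ([192.0.2.77]) by 192.168.1.5",
]

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def relay_ip(header: str) -> Optional[str]:
    """Return the first bracketed IPv4 literal in a Received header, if any."""
    m = IP_RE.search(header)
    return m.group(1) if m else None


def is_private(ip: str) -> bool:
    """True if the address falls in one of the PRIVATE_NETS ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_NETS)


def first_nonprivate_from_sender(headers: List[str]) -> Optional[str]:
    """RW's reading: walk from the sender's end toward our server and stop
    at the first routable address. A forged header at the sender's end wins,
    because nothing checks which host added it."""
    for header in reversed(headers):
        ip = relay_ip(header)
        if ip and not is_private(ip):
            return ip
    return None


def last_external_hop(headers: List[str], trusted_nets: List[str]) -> Optional[str]:
    """Matt's reading: walk from our server outward and stop at the first
    relay outside the networks we trust. Headers beyond that point were
    written by hosts we do not control and are not consulted."""
    trusted = [ipaddress.ip_network(n) for n in trusted_nets]
    for header in headers:
        ip = relay_ip(header)
        if ip is None:
            continue
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in trusted):
            continue
        return ip
    return None


def worst_awl_candidate(candidates: List[Optional[str]],
                        awl_scores: Dict[str, float]) -> Optional[str]:
    """The reply's suggestion: look up both candidates and keep the one with
    the higher (spammier) AWL score. Unknown addresses count as 0.0."""
    scored = [(awl_scores.get(ip, 0.0), ip) for ip in candidates if ip]
    return max(scored)[1] if scored else None


if __name__ == "__main__":
    trusted = ["203.0.113.0/24"]          # assumed: our own MX network
    sender_side = first_nonprivate_from_sender(SAMPLE_RECEIVED)
    server_side = last_external_hop(SAMPLE_RECEIVED, trusted)
    scores = {"192.0.2.77": -3.0, "198.51.100.25": 4.5}  # constructed AWL data
    print("first non-private from sender:", sender_side)
    print("last external hop:           ", server_side)
    print("worst of both:               ",
          worst_awl_candidate([sender_side, server_side], scores))
```

With the sample chain the sender-end walk returns 192.0.2.77, the address in the header that only the sender vouches for, while the trusted-boundary walk returns 198.51.100.25, the relay that actually handed the message to the MX. Whichever rule the AWL uses, the address it keys on should come from a hop some host in `internal_networks`/`trusted_networks` actually observed, or the score becomes something the sender can steer.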