Why are you blaming SpamAssasin for those headers?
The 'Received:' header is a standard "trace" header that your MTA is
supposed to add to each message that it processes (see RFC-2822).
Note the end of the header you quoted, it even has Exim's name in it.
Not sure where that 'X-Identified-User' header comes from, maybe
it's an Exim thing. It's not a SA header. All headers that SA adds
start with 'X-Spam-' (eg: X-Spam-Report: or X-Spam-Status: ).
It could be that the "glue" you're using to connect SA with Exim is
adding those headers (or changing the Exim config, so it now adds them)
but that's not SA's responsibility. There are a variety of ways to connect
SA into a mail system, each with its own characteristics.
Do really even need to worry about this?
Under normal usage a user's reply does not pass back out such internal
headers, it removes them and generates new headers.
Regardless, this looks more like an Exim question than a SA question.
On Sun, 2 Sep 2012, [email protected] wrote:
Hello,
I've poked around the archives and faq and cannot find a solution for my
case. Our Church has a website hosted by a popular service and recently we
setup email accounts plus SpamAssassin. It is all working nicely except for
one alarming thing I found in spamassassin generated headers. They all now
mention our hosting service account name (foobar) in these areas:
Received: from foobar by hoster.com with local-bsmtp (Exim 4.76)
...
X-Identified-User: {2555:hoster.com:foobar:churchdomain.org}
I've attempted an exim filter to translate the account name to something else
but that does not seem to work. Is there any way to configure spamassassin so
exclude the user account from generated headers?
This is a huge security issue that can expose the account name when users
reply to incoming emails.
Thanks for all suggestions.
SA 3.3.1, with spamd started by server as:
/usr/bin/spamd -d --timeout-child=60 --allowed-ips=127.0.0.1
--max-conn-per-child=500 --pidfile=/var/run/spamd.pid --max-children=10
--max-spare=5
EXIM 4.76
Shared server:
Linux version 2.6.32-20120131.55.1.zzz.x86_64 ([email protected])
(gcc version 4.4.6 20110731 (Red Hat 4.4.6-3) (GCC) ) #1 SMP Tue Jan 31
15:43:27 EST 2012
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
