On Thu, 2013-11-28 at 17:02 -0500, Kris Deugau wrote:
> Sergio Durigan Junior wrote:
> > UNPARSABLE_RELAY was happening because I modify the headers of
> > every message sent through my server in order to anonymize the
> > sender's IP address;
Do NOT do that.
SA absolutely must have the full, complete, raw, unmodified and unharmed
message. By removing, masking or modifying any data of the original
before feeding it to SA you are eliminating data otherwise used for
classification. Even more important in the case of the Received headers,
in particular the handing-over IP address.
A person, species human (email message, RFC 2822) hands candy to a kid
and invites it to get into his car for a ride. The "anonymizing" you
performed on the headers is equivalent to the kid (your SA instance)
being unable to distinguish between its parents and a stranger -- or
rather always acting on the assumption of knowing and deeply trusting
the person.
The sender (handing-over IP) of a message must not be anonymous.
If for whatever reason you want the sender to be anonymous to the final
recipient, go ahead and slaughter headers *after* you asked SA to decide
weather it's spammy or not.
> I'm not quite sure I understand what you're trying to obscure, and
> chances are it's causing a lot of your trouble. Disable this for a
> while and see what happens.
>
> If you must do this, ensure it only happens on *outbound* email. Based
> on your two examples, you're applying this Received: munging to incoming
> mail as well, because otherwise you'd have a Received header added by
> your server showing the remote IP your server received the message from.
*nod* This is causing major trouble. And I strongly agree, anonymizing
(internal?) IP addresses and SMTP hops might be desirable for outgoing
mail. But it's a no-go for incoming.
> As it stands, it looks to me as if pretty much all inbound mail will
> appear to be coming from 127.0.0.1, and so ALL_TRUSTED will fire for
> -1.8 points, and you won't get any hits on any IP address DNSBLs. Nor
> will a fairly extensive set of other rules give you any benefit; they
> have nothing to work with.
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
