On Thu, 18 Jun 2015 12:29:44 +0200 Matus UHLAR - fantomas wrote: > On 18.06.15 09:11, Franz Schwartau wrote:
> >The lastest (third) Received header causes $helo to be set to > >'localhost'. > > > >It would make more sense if TxRep uses the lastest (first) Received > >header setting $helo to 'mail-wi0-f175.google.com'. > > shouldn't that logically be more like lasttrusted header? last-trusted is the correct generic way of putting it (often the top header is purely internal). But that's not what TxRep is trying to do. The last-trusted helo is under the control of the sender, so there's no strong reason to prefer last-trusted on grounds of trust. And last-trusted is better tracked through IP address or rdns anyway. What TxRep is trying to do is track the helo from the original sender as this can sometimes track a sending device across multiple services and IP addresses. Aside from deliberate forgery this is going to fail in all kinds of cases (e.g. webmail for one), and I doubt there's any good way of fixing it. IIWY I'd just weight it at zero. IMO TxRep is a bit of a mixed-bag, it is a better AWL, but I'm sceptical about some of it's additional features. The reason why score averaging is appealing is that it doesn't require knowing whether an email is spam or ham, but it is important to partition the mail so that you're averaging either spam or ham together, but not both. The average score of a mix of spam and ham is a pretty meaningless, apples and oranges average. Forgery aside, AWL's email and IP address combination does this pretty well. TxRep fixes the IP address forgery problem, and fixes some other minor problems, but then it introduce some additional things into the average that are either mixed-sources, forgeable or unreliable.
