How can I write custom rules that test where the mail came from, ie, the
IP address noted by the first received header in my trusted networks?
I've seen http://wiki.apache.org/spamassassin/TrustPath, but it doesn't
explain how to do this.
Do I need to add:
add_header all RelaysUntrusted _RELAYSUNTRUSTED_
to my config and then write rules that match the header it adds? Is
this meant for production or just for testing?
I want to do this because there are some senders who are vulnerable to
phishing or forgery but still don't bother to use SPF or DKIM. I can
work out who they use as outbound servers through by learning from
traffic patterns, and I want to give some SA credit when they're sending
through known servers.
Anyone suggest a way to do it?
Cheers,
Alex
