You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2005/09/21 08:00:35 UTC

[Bug 4425] [review] whitelist_from_rcvd shouldn't look at trusted headers if untrusted ones exist

http://bugzilla.spamassassin.org/show_bug.cgi?id=4425


spamassassin@dostech.ca changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |spamassassin@dostech.ca
            Summary|numeric hello in Received   |[review] whitelist_from_rcvd
                   |headers fools spamassassin  |shouldn't look at trusted
                   |                            |headers if untrusted ones
                   |                            |exist




------- Additional Comments From spamassassin@dostech.ca  2005-09-20 23:00 -------
+1 to Bob's patch -- it fixes the bug.

Ken's issue can't be avoided and is a side effect of not setting his
trusted_networks manually (which I wish was mandatory).

Retitling since the bug has nothing to do with the helo IP.  The bug is that
_check_whitelist_rcvd shouldn't look at trusted hosts if untrusted ones are
present since forged mail "from" your domain will always match
whitelist_from_rcvd entries for your own domain.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.