blacklist_from vs. mail forwarders that resend

[Ken Olum <kd...@cosmos.phy.tufts.edu>]

I wonder if I could bring up again the problem of dealing with mail
forwarding services that resend the message rather than simply passing
it on.  For example, mail to the alum.mit.edu forwarding service is
passed on to the destination address with a Resent-From header giving
the alum.mit.edu address (which also appears as the envelope sender).
In other words, it looks exactly like a message that I had resent to
myself.  The reason they use this technique is to avoid problems with
DMARC records that say that mail with a given from field should be sent
by the servers associated with that organization, not by MIT.

If Resent-From is present, spamassassin uses it instead of From when
processing blacklist_from.  This would be the right thing to do if it
were a human resending the message to another human, but in this case
the actual originator is the one in the From field in spite of the
Resent-From.  This may not be the right way to forward email, but it's
what some places do, and it would be nice to be able to deal with it.

I know that I, as the local spamassassin administrator, can create a
test to check the From line for each address I want to blacklist.  But
it would be much nicer if users could just use blacklist_from.

So what about an option to ignore specific addresses in the Resent_From
field and go on to the actual From field when one of those addresses is
present?  Something like "ignore_resent_from add@ress.com".

                                        Ken