You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Justin Mason <jm...@jmason.org> on 2005/10/20 18:35:59 UTC
Re: SA 3.1 X-headers prepended instead of appended
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
karlp@ourldsfamily.com writes:
> On Thu, October 20, 2005 8:52 am, qqqq said:
> > All,
> >
> > I finally took the leap to SA 3.1 but am confused as to why the SA
> > X-Headers are prepended to the message and not
> > appeneded like the previous versions. This is causing havoc on my
> > Blackberry. Is this normal?
>
> I believe this is causing havoc with my email. I'm getting ALL_TRUSTED
> email that is clearly NOT from within my trusted network. Yes, I have
> manually set trusted_networks.
>
> My thought is that since the X- headers are put right after the
> Return-Path: header, which is the first line of the header, that SA isn't
> checking the rest of the header. At least that's why it looks like as the
> rest of the Received: headers are from untrusted hosts.
no, it doesn't work like that.
you could try opening a bug and attaching a "before" and "after" copies,
where "after" is the results of spamassassin -t.
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFDV8dvMJF5cimLx9ARAkbwAKCg8kGlvUk4n6ZLON7J0WWlpzTj8wCgrvAW
l6pH8gN6mIYfI+Zrv0xHsHw=
=ockY
-----END PGP SIGNATURE-----
Re: SA 3.1 X-headers prepended instead of appended
Posted by ka...@ourldsfamily.com.
On Thu, October 20, 2005 10:35 am, Justin Mason said:
> karlp@ourldsfamily.com writes:
>> On Thu, October 20, 2005 8:52 am, qqqq said:
>> > I finally took the leap to SA 3.1 but am confused as to why the SA
>> > X-Headers are prepended to the message and not
>> > appeneded like the previous versions. This is causing havoc on my
>> > Blackberry. Is this normal?
>> I believe this is causing havoc with my email. I'm getting ALL_TRUSTED
>> email that is clearly NOT from within my trusted network. Yes, I have
>> manually set trusted_networks.
>> My thought is that since the X- headers are put right after the
>> Return-Path: header, which is the first line of the header, that SA
>> isn't checking the rest of the header. At least that's why it looks
>> like as the rest of the Received: headers are from untrusted hosts.
>
> no, it doesn't work like that.
>
> you could try opening a bug and attaching a "before" and "after" copies,
> where "after" is the results of spamassassin -t.
With that in mind, I just had the thought that I've 'broken' the
trusted_networks line. Currently I have:
trusted_networks 172.20.20/24 10/8 127/8 198.60.114.90
where:
172.20.20. is my firewall subnet
10. is the internal subnet
127. localhost (duh)
198.60.114.90 is my public IP <=- this is where I think I may be
breaking the thing. Should that IP be 'trusted' or will that cause
spoofing problems to get by SA? Also, is the format correct?
Your help is greatly appreciated.
Karl