You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "Daryl C. W. O'Shea" <sp...@dostech.ca> on 2006/07/11 04:32:34 UTC
Postfix auth headers (Re: Problem with false-positives for SASL users)
For those using Postfix, bug 4980 has a patch to support the auth
headers, available in Postfix 2.3 and later, that can be used to extend
your trust path to authenticated users.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4980
Daryl
Re: Postfix auth headers (Re: Problem with false-positives for SASL
users)
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
On 7/11/2006 6:10 PM, martin f krafft wrote:
> also sprach Daryl C. W. O'Shea <sp...@dostech.ca> [2006.07.11.2356 +0200]:
>
>>If the host that adds the auth line in the received header is trusted
>>then the authenticated client will also be trusted.
>>
>>See the third case here: http://wiki.apache.org/spamassassin/DynablockIssues
>
>
> Okay, so the patch basically integrates this into trusted_networks?
> So if trusted_networks host adds the line, no RBL checks will be
> run?
If it results in no remaining untrusted hosts, then yes, RBL checks
would be skipped.
Daryl
Re: Postfix auth headers (Re: Problem with false-positives for SASL users)
Posted by martin f krafft <us...@mass.madduck.net>.
also sprach Daryl C. W. O'Shea <sp...@dostech.ca> [2006.07.11.2356 +0200]:
> If the host that adds the auth line in the received header is trusted
> then the authenticated client will also be trusted.
>
> See the third case here: http://wiki.apache.org/spamassassin/DynablockIssues
Okay, so the patch basically integrates this into trusted_networks?
So if trusted_networks host adds the line, no RBL checks will be
run?
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck
spamtraps: madduck.bogus@madduck.net
"administration for windows networks is similar to maintaining a 12
year old gm truck. brand new, w2k+3 already has 190k miles of wear."
-- jeremiah cornelius
Re: Postfix auth headers (Re: Problem with false-positives for SASL
users)
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
martin f krafft wrote:
> also sprach Daryl C. W. O'Shea <sp...@dostech.ca> [2006.07.11.0432 +0200]:
>> For those using Postfix, bug 4980 has a patch to support the auth
>> headers, available in Postfix 2.3 and later, that can be used to extend
>> your trust path to authenticated users.
>>
>> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4980
>
> Nice, but I don't understand how it's supposed to work or what it
> does. Would you be so kind as to enlighten me?
If the host that adds the auth line in the received header is trusted
then the authenticated client will also be trusted.
See the third case here: http://wiki.apache.org/spamassassin/DynablockIssues
Daryl
Re: Postfix auth headers (Re: Problem with false-positives for SASL users)
Posted by martin f krafft <us...@mass.madduck.net>.
also sprach Daryl C. W. O'Shea <sp...@dostech.ca> [2006.07.11.0432 +0200]:
> For those using Postfix, bug 4980 has a patch to support the auth
> headers, available in Postfix 2.3 and later, that can be used to extend
> your trust path to authenticated users.
>
> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4980
Nice, but I don't understand how it's supposed to work or what it
does. Would you be so kind as to enlighten me?
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck
spamtraps: madduck.bogus@madduck.net
<span tal:replace="here/signature" />