You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2009/04/29 05:16:22 UTC

[Bug 6105] Make AWL honor trusted_networks.

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6105





--- Comment #1 from Theo Van Dinter <fe...@apache.org>  2009-04-28 20:16:22 PST ---
 foreach my $rly (reverse (@{$pms->{relays_trusted}},
@{$pms->relays_untrusted}}))) {
      next if ($rly->{ip_private});

As I read that, it means: find the first non-private IP that is involved with
this mail chain.  This lets you find out the original sender (ie: furthest
public IP), not necessarily any intermediate mail servers like ISP, etc.  So
for example:

ME_CLIENT -> ME_SERVER -> private ... NAT ... public -> ISP_SERVER ->
YOUR_MAIL_ROUTER -> public ... rNAT ... private -> YOUR_SERVER

It'll run through:

ME_CLIENT seen at ME_SERVER -- private, skipped
ME_SERVER seen at ISP_SERVER -- takes, because it's the natted public IP

If you deal with trusted_networks, you'd always get ISP_SERVER as seen by
YOUR_MAIL_ROUTER.  So what if ISP_SERVER is really a random assortment of
possible servers ... all in different netblocks?  What you care about in that
case is ME_SERVER.

At least, that's my understanding of the AWL algorithm.


-- 
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.