Re: Recognizing Sendmail's authentication -- patch included (WAS: How is LOCAL_AUTH_RCVD used?)

[Jo Rhett <jr...@netconsonance.com>]

On Dec 5, 2006, at 2:02 AM, David B Funk wrote:
> Jo you are mistaken. Sendmail adds the "(may be forged)" comment when
> the client's IP rDNS and DNS don't match, it has -nothing- to do  
> with the
> HELO name.

RTFC            (...code)

If the hello is numeric or non a domain name, the "may be forged" is  
*NOT* added to the Received line. It's only added when what Sendmail  
was told appears to be false.

> It still should not matter. So long as the client can authenticate to
> the server's statisfaction, SA should honor its decision regardless of
> how bogus the HELO or client's DNS entrys look.

That's your argument.  That may not have been the thought process of  
the person who wrote that rule, was all I was trying to say.

-- 
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source  
and other randomness

Re: Recognizing Sendmail's authentication -- patch included (WAS: How is LOCAL_AUTH_RCVD used?)

["Daryl C. W. O'Shea" <sp...@dostech.ca>]

Jo Rhett wrote:
> 
> On Dec 5, 2006, at 2:02 AM, David B Funk wrote:

>> It still should not matter. So long as the client can authenticate to
>> the server's statisfaction, SA should honor its decision regardless of
>> how bogus the HELO or client's DNS entrys look.
> 
> That's your argument.  That may not have been the thought process of the 
> person who wrote that rule, was all I was trying to say.

Just an oversight.  I have no ham that is both authenticated and 
includes the "may be forged" comment so I missed considering it in the 
regex.

Daryl