You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by John Rudd <jr...@ucsc.edu> on 2005/08/25 01:46:48 UTC
Feature Request: dynamic trusted_networks
That sounds odd, doesn't it? "dynamic trusted_networks". The whole
point of a trusted network is that it's a specific network. However,
if a message came from a client who gave SMTP-AUTH, it ought to be
"trusted" (and not subjected to the blacklist checks). And that's what
my feature request boils down to:
If the message was authenticated on the most immediate relay, then give
a configuration option which says "trust this message as though it was
from a trusted_network". This could be as simple as allowing an
argument to "trusted_networks" which is a word such as "authenticated",
instead of being a network address.
Now, how to figure out whether or not the message was authenticated ...
I'm not sure what that fingerprint looks like, or if there is one such
fingerprint for all MTAs.
Re: Feature Request: dynamic trusted_networks
Posted by Thomas Hochstein <ml...@ancalagon.inka.de>.
"jdow" schrieb:
>> However,
>> if a message came from a client who gave SMTP-AUTH, it ought to be
>> "trusted" (and not subjected to the blacklist checks).
>
> Would you care to expound on your theory here. What makes you think
> a valid SPF is a sign of a good guy?
SMTP authentification has nothing - really nothing - to do with SPF.
-thh
Re: Feature Request: dynamic trusted_networks
Posted by John Rudd <jr...@ucsc.edu>.
On Aug 24, 2005, at 8:04 PM, jdow wrote:
> From: "John Rudd" <jr...@ucsc.edu>
>> That sounds odd, doesn't it? "dynamic trusted_networks". The whole
>> point of a trusted network is that it's a specific network. However,
>> if a message came from a client who gave SMTP-AUTH, it ought to be
>> "trusted" (and not subjected to the blacklist checks). And that's
>> what my feature request boils down to:
>
> Would you care to expound on your theory here. What makes you think
> a valid SPF is a sign of a good guy?
What makes you think SPF was in any way related to my message?
Perhaps some RTFMing is needed on your part.
Re: Feature Request: dynamic trusted_networks
Posted by jdow <jd...@earthlink.net>.
From: "John Rudd" <jr...@ucsc.edu>
>
> That sounds odd, doesn't it? "dynamic trusted_networks". The whole
> point of a trusted network is that it's a specific network. However,
> if a message came from a client who gave SMTP-AUTH, it ought to be
> "trusted" (and not subjected to the blacklist checks). And that's what
> my feature request boils down to:
Would you care to expound on your theory here. What makes you think
a valid SPF is a sign of a good guy? Spammers can SPF their own
messages. All it does is cut down on bot spam, a very little. I do
have SPF running here. I give it a small scoring range for the
various possible SPF results. SPF present and violated gets a modest
plus score. SPF present and honored gives a very slight negative.
It does not turn up in my top tens of anything, ham or spam. It might
be in the top ten of "tests that never hit anything." But I doubt it
even qualifies for that award.
> If the message was authenticated on the most immediate relay, then give
> a configuration option which says "trust this message as though it was
> from a trusted_network". This could be as simple as allowing an
> argument to "trusted_networks" which is a word such as "authenticated",
> instead of being a network address.
>
> Now, how to figure out whether or not the message was authenticated ...
> I'm not sure what that fingerprint looks like, or if there is one such
> fingerprint for all MTAs.
Me paranoid old bitch. Me not trust anybody. Since I have to trust
somebody I do, nominally. (Then I run LOTS of SARE rules as well.)
{^_^} As I say, "Me paranoid old bitch." I don't give spammers an
micron in the "trust" gamble.