spamassassin-users October 2010 archive
Main Archive Page > Month Archives  > spamassassin-users archives
spamassassin-users: Verification that Network Mass-Checks use co

Verification that Network Mass-Checks use correct trusted_networks ?

From: <Darxus_at_nospam>
Date: Mon Oct 18 2010 - 01:38:43 GMT
To: users@spamassassin.apache.org

Could it be verified that the corpora being submitted for the weekly
Network Mass-Checks are coming from systems with correctly configured
trusted_networks and internal_networks? It's important for some of the
rules, and verifying it works seems inconvenient enough that it might have
been skipped, and I could see mail server setups changing over time making
old values invalid.

Verification that it's working isn't very straightforward, as far as I can
tell. You can add to your configuration:

 add_header all RelaysUntrusted _RELAYSUNTRUSTED_

And then make sure that in the resulting X-Spam-RelaysUntrusted headers
the first IP listed *is* the sending IP, and not an internal relay or
proxy or something.

For example:

X-Spam-RelaysUntrusted: [ ip=74.125.82.173 rdns=mail-wy0-f173.google.com
        helo=mail-wy0-f173.google.com by=panic.chaosreigns.com ident= envfrom= intl=0
        id= auth= msa=0 ]
Received: from mail-wy0-f173.google.com (mail-wy0-f173.google.com [74.125.82.173])
        by panic.chaosreigns.com (Postfix) with ESMTP
        for <darxus@chaosreigns.com>; Sun, 17 Oct 2010 16:47:52 -0400 (EDT)

The IP 74.125.82.173 from the X-Spam-RelaysUntrusted header matches the
Received header from the last untrusted relay.

-- "Let's just say that if complete and utter chaos was lightning, then he'd be the sort to stand on a hilltop in a thunderstorm wearing wet copper armour and shouting 'All gods are bastards'." - The Color of Magic http://www.ChaosReigns.com