http://bugzilla.spamassassin.org/show_bug.cgi?id=2462
jm@jmason.org changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |3221
nThis| |
------- Additional Comments From jm@jmason.org 2004-03-28 21:10 -------
this is a problem. we have no way of telling that the message was submitted via
SMTP AUTH. AFAIK, there's no standard format for that data; see the "TLSv1" and
"authenticated-bits" snippets in those log lines. How can we tell if the user
really did auth?
We can't blindly trust "TLSv1" tokens, since once spammers add the openssl libs
to their ratware, they can connect to MXes using TLS and use unauthenticated,
but encrypted, spam connections.
(however the "authenticated-bits" token may be useful to guess this, although
I'm mystified why that's "0".)
One way around this problem is to *not* scan mail submitted by authed users;
just scan the stuff coming in from non-authenticated SMTP connections from the
outside world. (having a separate "outgoing" MTA and an "incoming" MX MTA would
do this.)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
jm@jmason.org changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |3221
nThis| |
------- Additional Comments From jm@jmason.org 2004-03-28 21:10 -------
this is a problem. we have no way of telling that the message was submitted via
SMTP AUTH. AFAIK, there's no standard format for that data; see the "TLSv1" and
"authenticated-bits" snippets in those log lines. How can we tell if the user
really did auth?
We can't blindly trust "TLSv1" tokens, since once spammers add the openssl libs
to their ratware, they can connect to MXes using TLS and use unauthenticated,
but encrypted, spam connections.
(however the "authenticated-bits" token may be useful to guess this, although
I'm mystified why that's "0".)
One way around this problem is to *not* scan mail submitted by authed users;
just scan the stuff coming in from non-authenticated SMTP connections from the
outside world. (having a separate "outgoing" MTA and an "incoming" MX MTA would
do this.)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.