------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=996
Thanassis Tsiodras <ttsiodras@???> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ttsiodras@???
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #2 from Thanassis Tsiodras <ttsiodras@???> 2010-06-06 10:37:00 ---
Thank you for the pointer. I read that the "MAIL FROM" exchanged
during SMTP startup is the one used in SPF checks, and it is added in
the "Return-Path" of the mail headers.
I am now realizing that SPF checks use "MAIL FROM" and not the message
body "From:" because of mail forwarders... e.g. in a mailing list, if
personA posts a message (and the list must forward it to N recipients)
then "MAIL FROM" will be set to the mailing list, but message body's
"From" will be set to the actual original sender - personA - of the
list... So SPF *has* to check the "MAIL FROM"...
So if the above is correct, the only explanation for the spam message
I showed above is that it passes the SPF check because the spammer
behind it has taken over the node with the valid - SPF-wise - IP
address...
Bloody spammers!
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email
