This is a discussion on RE: Problems with Received: header checks and ALL_TRUSTED rule... - SpamAssassin ; > > I've just discovered something rather interesting after I enabled the > msa_networks feature in local.cf. What's happening is this: > > 1/ spam arrives at the sendmail box from someone who has used a > non-existent email address ...
> I've just discovered something rather interesting after I enabled the
> msa_networks feature in local.cf. What's happening is this:
> 1/ spam arrives at the sendmail box from someone who has used a
> non-existent email address in our domain
> 2/ spamassassin clearly marks this as spam, sendmail adds the necessary
> headers, modifies the subject and relays to exchange
> 3/ if exchange is configured to send a copy of received email to an
> external account OR the message is destined for a non-existent mailbox,
> exchange will initiate a connection with sendmail either for forwarding
> mail or for NDR
> 4/ since the exchange box is now trusted via msa_networks, the email
> receives a clean bill of health from spamassassin and sendmail proceeds
> to remove the headers previously added for the incoming message except
> for the subject line which is left with the previously changed header!
> How can I tell sendmail milter not to remove any of the headers as the
> email message is really still spam???
> Although we could drop all spam and forget about this whole issue,
> company policy dictates that any email destined to an existing recipient
> mailbox will be delivered be it spam or not (false positives in the past
> have left many weary of lost email)!
The MTA should not accept email for non existent email addresses