From 5335e189254be9fb209e876bba56187d6b0729df Mon Sep 17 00:00:00 2001
From: Stuart Gathman <stuart@gathman.org>
Date: Mon, 4 Jul 2005 21:06:31 +0000
Subject: [PATCH] Questions from email answered.

---
 CREDITS  |  3 +++
 faq.html | 30 ++++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+)

diff --git a/CREDITS b/CREDITS
index f32fdc3..c54a788 100644
--- a/CREDITS
+++ b/CREDITS
@@ -22,6 +22,9 @@ John Draper
   then pointing out that it would be easier to just write the MTA in Python.
 Eric S. Johansson
   for helpful design discussions while working on camram
+Alex Savguira
+  for finding bugs with international headers and
+  suggesting the scan_zip option.
 Business Management Systems - http://www.bmsi.com
   for hosting the website, and providing paying clients who need milter service
   so I can work on it as part of my day job.
diff --git a/faq.html b/faq.html
index d2fe279..96da784 100644
--- a/faq.html
+++ b/faq.html
@@ -141,6 +141,36 @@ is a milter declaration for sendmail.cf with all timeouts specified:
 <pre>
 Xpythonfilter, S=local:/var/log/milter/pythonsock, F=T, T=C:5m;S:20s;R:60s;E:5m
 </pre>
+<li> Q. There is a Python traceback in the log file!  What happened to
+	my email?
+<p>  A. When the milter fails with an untrapped exception, a TEMPFAIL
+result (451) is returned to the sender.  The sender will then retry every
+hour or so for several days.  Hopefully, someone will notice the 
+traceback, and workaround or fix the problem.
+
+<li> Q. I read some notes such as "Check valid domains allowed by internal
+	senders to detect PCs infected with spam trojans." but could not
+	understand the idea. Could you clarify the content ?
+
+<p>  A. The <code>internal_domains</code> configuration specifies which
+MAIL FROM domains are used by internal connections.  If an internal
+PC tries to use some other domain, it is assumed to be a "Zombie".
+<p>
+Here is a sample log line:
+<pre>
+2005Jun22 12:01:04 [12430] REJECT: zombie PC at  192.168.100.171  sending MAIL FROM  debby@fedex.com
+</pre>
+No, fedex.com does not use pymilter, and there is no one named debby at my
+client.  But the idiot using the PC at 192.168.100.171 has downloaded and
+installed some stupid weatherbar/hotbar/aquariumscreensaver that is actually a
+spam bot.
+<p>
+The <code>internal_domains</code> option is simplistic, it assumes all
+valid senders of the domains are internal.  SPF provides a much more general
+check of IP and MAIL FROM for external email.  Pymilter should soon
+have a local policy feature for more general checking of internal mail.
+
+<h3> Using SPF </h3>
 
 <a name="spf">
 <li> Q. So how do I use the SPF support?  The sample.py milter doesn't seem