Notes for MTA-Integration Developers
If you're calling SpamAssassin from inside an MTA or a gateway that performs scans during the SMTP transaction, you need to watch out for some slight differences in how SA needs to be called.
First of all, SA expects to find the names, HELO data, and IP addresses used in the SMTP transaction in the top-most Received header. If the gateway code doesn't add at least a pseudo-header containing this data, SA will not perform lookups correctly. See bug 2860 for a case where a sendmail 'milter' apparently did not provide this info, resulting in false positives.
Also, for some of the newer anti-spam schemes, we also need to know what the 'envelope sender' of the mail was – see EnvelopeSenderInReceived. If you can pass this data in as well, that helps