Hi Gary, Now then I've read your reply and gave it another thought, I think you're right. This is not the right tool for whitelisting internal server users.
I'll try one of your bypassing examples on http://www200.pair.com/mecham/spam/bypassing.html Best Regards, Leon Kolchinsky -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary V Sent: Saturday, December 02, 2006 9:20 PM To: [email protected] Subject: Re: [AMaViS-user] SA whitelist usage Leon wrote: > So, if I got you right > If I want to whitelist_from_rcvd to work for users of my own server I should > delist it from trusted_networks and internal_networks (i.e. 127/8 should > never be included)? > This way the first untrusted server would be my own, right? > # Internal > clear_internal_networks > internal_networks 127/8 IP_of_first_mail_relay IP_of_second_mail_relay > # Trusted > clear_trusted_networks > trusted_networks 127/8 IP_of_first_mail_relay IP_of_second_mail_relay > Becomes: > # Internal > clear_internal_networks > internal_networks IP_of_first_mail_relay IP_of_second_mail_relay > # Trusted > clear_trusted_networks > trusted_networks IP_of_first_mail_relay IP_of_second_mail_relay > and now: > whitelist_from_rcvd [EMAIL PROTECTED] mydomain.net.il > Would work as it should? I think you are using the wrong tool. If you properly list your internal network (127/8 is in your internal network and therefore should be included) then senders in your network will benefit from ALL_TRUSTED which is a form of whitelisting. If the mail comes from an internal network, then there are a number of tests that will be skipped (to the senders benefit). Let's say your network is 666.666.666.0/24. Your clients are in this network. Let's say the client wanting the send mail is 666.666.666.113 and your email server is 666.666.666.12. clear_internal_networks internal_networks 127/8 666.666.666.0/24 clear_trusted_networks trusted_networks 127/8 666.666.666.0/24 Mail sent from anyone in your network will now benefit from ALL_TRUSTED. Let's say you have a sender [EMAIL PROTECTED] and the last host (according to rDNS) in the chain to relay mail to your network (the first untrusted host) is host.example.com (but is could also be host2.example.com). You will want to set: whitelist_from_rcvd [EMAIL PROTECTED] example.com whitelist_from_rcvd is not the right tool to whitelist senders inside your network. It's better suited to whitelist senders outside your network. The right way to do help out senders in your network is to properly set up the trust path. Don't just include the IP address of your sever, include your entire network so any user that sends mail from your network benefits. Gary V ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
