I'd start with a disclaimer that I wish I could just make policy changes
or change our current infrastructure. I can however make any necessary
configuration changes.
We have an issue with 'remote' users that send email directly thru us
from their homes. Here's a brief description of what happens with a
message.
* User sends email using authenticated submission port to mail server
(465 or 587 - Zimbra/postfix/amavisd-new)
* Message goes to an internal MTA server (sendmail-dual/amavisd-new)
* Message goes around internal mailing list server for approval and
comes back to internal MTA (sendmail-dual/amavisd-new)
* Message goes to mail server (zimbra/postfix/amavid-new)
So I need to figure out how to graylist the message since the user
authenticated to begin with, however I also need to propagate this to
the internal MTA server and back to the mail server, to let it know that
the message was authenticated.
The submission port is used internally as well as externally. No
problems when messages are originated internally as everything falls
within MYNETWORKS. The problem is with these authenticated users. I
know I could configure postfix to point to a different policy bank and
add a lower score, right? Someone suggested me to add a custom header
and then add an SA rule later on. But this would be very easy to fake.
I would have to make sure this custom rule is different if it's not
authenticated (and/or get's removed if there are multiple of them)...
Any ideas? As you can see, the final score is very high, with a very
high score due to the DYNAMIC_IPADDR rule. The other amavis checks done
earlier on have been as high as well. Thank you very much in advance.
Here are some sample headers...
Received: from SERVER (xxx.xxx.xxx.xxx) by
SERVER with LMTP; Mon, 22 Mar 2010 11:13:58 -0400 (EDT)
Received: from localhost (localhost.localdomain [127.0.0.1])
by SERVER (Postfix) with ESMTP id 521F2AD281EB;
Mon, 22 Mar 2010 11:13:11 -0400 (EDT)
X-Virus-Scanned: amavisd-new at SERVER
X-Spam-Flag: YES
X-Spam-Score: 6.994
X-Spam-Level: ******
X-Spam-Status: Yes, score=6.994 tagged_above=-10 required=6.6
tests=[AWL=0.000, BAYES_50=0.001, DNS_FROM_OPENWHOIS=1.13,
DYN_RDNS_AND_INLINE_IMAGE=0.001, FH_HELO_EQ_D_D_D_D=0.001,
HELO_DYNAMIC_IPADDR=2.426, HTML_IMAGE_ONLY_24=1.552,
HTML_MESSAGE=0.001, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877,
RDNS_DYNAMIC=0.1]
Received: from SERVER ([127.0.0.1])
by localhost (SERVER [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id cJHLW7OntF+L; Mon, 22 Mar 2010 11:13:10 -0400 (EDT)
Received: from MTA (MTA [xxx.xxx.xxx.yyy])
by SERVER (Postfix) with ESMTP id 1F2A6AD2814E;
Mon, 22 Mar 2010 11:13:01 -0400 (EDT)
Received: from localhost (localhost.localdomain [127.0.0.1])
by MTA (8.13.8/8.13.8) with ESMTP id o2MFBwgB022995;
Mon, 22 Mar 2010 11:13:00 -0400
X-Virus-Scanned: amavisd-new at rider.edu
Received: from MTA ([127.0.0.1])
by localhost (MTA [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 01Z6U72u0jZX; Mon, 22 Mar 2010 11:12:59 -0400 (EDT)
Received: from LISTSERVER (LISTSERVER[xxx.xxx.xxx.zzz])
by MTA (8.13.8/8.13.8) with ESMTP id o2MFA9l7021678;
Mon, 22 Mar 2010 11:12:59 -0400
Received: from LISTSERVER (localhost [127.0.0.1])
by LISTSERVER (8.13.8/8.13.8) with ESMTP id o2MCT1rC002417;
Mon, 22 Mar 2010 11:07:44 -0400
Received: by LISTSERVER (LISTSERV-TCP/IP release 15.5) with spool id
149462 for mailingl...@listserver; Mon, 22 Mar 2010
11:07:32 -0400
Approved-By: nnn...@rider.edu
Received: from MTA (MTA [xxx.xxx.xxx.yyy]) by
LISTSERVER (8.13.8/8.13.8) with ESMTP id o2MEn3CC012817; Mon,
22 Mar 2010 10:49:03 -0400
Received: from localhost (localhost.localdomain [127.0.0.1]) by
MTA (8.13.8/8.13.8) with ESMTP id o2MEn33G018226; Mon,
22 Mar 2010 10:49:03 -0400
X-Virus-Scanned: amavisd-new at rider.edu
Received: from MTA ([127.0.0.1]) by localhost
(MTA [127.0.0.1]) (amavisd-new,
port 10024) with ESMTP id R9RdarVcIxv2; Mon, 22 Mar 2010 10:48:59
-0400 (EDT)
Received: from SERVER (SERVER [xxx.xxx.xxx.xxx]) by
MTA (8.13.8/8.13.8) with ESMTP id o2MEmwbx018188; Mon,
22 Mar 2010 10:48:58 -0400
Received: from localhost (localhost.localdomain [127.0.0.1]) by
SERVER (Postfix) with ESMTP id 09804C6E00F4; Mon, 22 Mar
2010 10:48:58 -0400 (EDT)
X-Virus-Scanned: amavisd-new at rider.edu
Received: from SERVER ([127.0.0.1]) by localhost
(SERVER [127.0.0.1]) (amavisd-new,
port 10024) with ESMTP id o2cODKC3ZXyU; Mon, 22 Mar 2010 10:48:54
-0400 (EDT)
Received: from xx.xx.xx.xx.hsd1.nj.comcast.net
(xx.xx.xx.xx.hsd1.nj.comcast.net [xx.xx.xx.xx]) by
SERVER (Postfix) with ESMTP id A49B8C6E00EC; Mon, 22 Mar
2010 10:48:53 -0400 (EDT)
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
