I put something on this mailing list earlier about spam messages being forwarded automatically from our secondary mail server because the local subnet is white listed. You said to add the IPBYPASS line with the IP address of the secondary mail server, and Declude would then run the tests on the IP address of the server that sent the message to the secondary mail server.
Correct. However:
Internet Header:
Received: from secmail.crescentdigital.com [67.17.218.70] by mail.crescentdigital.com with ESMTP
(SMTPD32-6.06) id AE17510152; Mon, 17 Mar 2003 15:20:39 -0500
Received: from dsl-200-42-88-152.prima.net.ar (dsl-200-42-88-152.prima.net.ar [200.42.88.152])
Global.cfg File: #XOUTHEADER Organization: Your Name Here IPBYPASS 67.17.218.70 WHITELIST IP 67.17.218.0/25
In this case, the E-mail should not be whitelisted, and it should be scanned based on the IP 200.42.88.152.
With the information you've provided, I don't see any indication that anything is wrong.
The questions here would be: [1] Was the E-mail whitelisted (it should not have been, unless there was another WHITELIST line that whitelisted it)? [2] Was the E-mail scanned based on the IP of 200.42.88.152 (as it should), or 67.17.218.70 (which it should not be scanning)?
-Scott
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
