Re: SA on outgoing SMTP servers
On 09.09.11 17:20, Matus UHLAR - fantomas wrote: due to many spam problems (outbreaks) in history, we check for spamminess on outgoing mail servers. However there are rules that should not apply on them. - Dynamic/blacklist (except URIBL) checks I can avoid these by defining local server to msa_networks - ALL_TRUSTED I'm sure I have to turn this off, does it also apply to dependencies? What about !ALL_TRUSTED dependencies? - SPF checks While we should reject/quarantine e-mail that does not match SPF, it should not apply to domains we are designed to send mail for . (SPF records include us) ... any other ideas? Further watching and thinking advises me to: - skip all RBL checks that check on IP address, which means all except rfci and ahbl - zero (or, make nearly zero) RDNS_NONE and TVD_RCVD_SINGLE - MAYBE define all hosts as trusted/internal - MAYBE use first scoreset, as if we didn't do network checks, even if we do RAZOR, PYZOR, DCC, URIBL's, rfci etc... (would be worth checking) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I just got lost in thought. It was unfamiliar territory.
Re: SA on outgoing SMTP servers
due to many spam problems (outbreaks) in history, we check for spamminess on outgoing mail servers. However there are rules that should not apply on them. - Dynamic/blacklist (except URIBL) checks I can avoid these by defining local server to msa_networks - ALL_TRUSTED I'm sure I have to turn this off, does it also apply to dependencies? What about !ALL_TRUSTED dependencies? - skip all RBL checks that check on IP address, which means all except rfci and ahbl - zero (or, make nearly zero) RDNS_NONE and TVD_RCVD_SINGLE I have implemented these until now: score ALL_TRUSTED 0 meta__DOS_DIRECT_TO_MX (0) score RDNS_NONE 0 score TVD_RCVD_SINGLE 0 -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 99 percent of lawyers give the rest a bad name.
Re: SA on outgoing SMTP servers
Am 09.09.2011 17:20, schrieb Matus UHLAR - fantomas: due to many spam problems (outbreaks) in history, we check for spamminess on outgoing mail servers. However there are rules that should not apply on them. - Dynamic/blacklist (except URIBL) checks I can avoid these by defining local server to msa_networks - ALL_TRUSTED I'm sure I have to turn this off, does it also apply to dependencies? What about !ALL_TRUSTED dependencies? - SPF checks While we should reject/quarantine e-mail that does not match SPF, it should not apply to domains we are designed to send mail for . (SPF records include us) ... any other ideas? On 09.09.11 20:17, Robert Schetterer wrote: try using clamav-milter with sanesecurity antispam signatures this should avoid a lot of outgoing spam Maybe, but this is not what I have asked for, and it won't help me a bit resolving my problem, sorry. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Chernobyl was an Windows 95 beta test site.
SA on outgoing SMTP servers
Hello, due to many spam problems (outbreaks) in history, we check for spamminess on outgoing mail servers. However there are rules that should not apply on them. - Dynamic/blacklist (except URIBL) checks I can avoid these by defining local server to msa_networks - ALL_TRUSTED I'm sure I have to turn this off, does it also apply to dependencies? What about !ALL_TRUSTED dependencies? - SPF checks While we should reject/quarantine e-mail that does not match SPF, it should not apply to domains we are designed to send mail for . (SPF records include us) ... any other ideas? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Microsoft dick is soft to do no harm
Re: SA on outgoing SMTP servers
Am 09.09.2011 17:20, schrieb Matus UHLAR - fantomas: Hello, due to many spam problems (outbreaks) in history, we check for spamminess on outgoing mail servers. However there are rules that should not apply on them. - Dynamic/blacklist (except URIBL) checks I can avoid these by defining local server to msa_networks - ALL_TRUSTED I'm sure I have to turn this off, does it also apply to dependencies? What about !ALL_TRUSTED dependencies? - SPF checks While we should reject/quarantine e-mail that does not match SPF, it should not apply to domains we are designed to send mail for . (SPF records include us) ... any other ideas? try using clamav-milter with sanesecurity antispam signatures this should avoid a lot of outgoing spam -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria