Re: Whitelisting local domain (spamassassin qmail)
My problem are the client that send mail send mail throught of the SMTP auth. I have prepare a plugin for SpamAssasin, for verify if the email into throught of the SMTP auth or throught of the MX for externals mails. This plugin work becouse I received the email throught of two IP: The first is for external use and the second is for auth clients. You can see this plugin in http://code.google.com/p/qmailsmtpauth/ http://code.google.com/p/qmailsmtpauth/ If you want to try, test with a score of -1, at least until you test it. Im' sorry for my bad English El 27/04/10 11:59, Martin Caine escribió: We're using qmail with qmail-scanner (personally I'd prefer switching to postfix but it's not practical to do that at the moment. I'll see if I can find out how to add the auth information into the headers. Thanks
Re: Whitelisting local domain (spamassassin qmail)
Sorry for the confusion. I am talking about connecting from an untrusted IP. We do have authentication enabled on our SMTP server to disable relaying for unknown users but as far as I can tell there's nothing in the headers that seems to show this. ie: pc - smtp1 - inbox (just shows the PCs IP (dynamic) and receiving server info) ie: pc - smtp2 - smtp1 - inbox (shows info from my sending smtp2 server which I can use for whitelisting for a domain name that is external to smtp1). I'll take a look at the headers again and see if there's any sort of rule I can match against the header of the internal email. -- View this message in context: http://old.nabble.com/Whitelisting-local-domain-%28spamassassin---qmail%29-tp28364411p28374803.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Whitelisting local domain (spamassassin qmail)
On 27.04.10 02:26, Martin Caine wrote: Sorry for the confusion. I am talking about connecting from an untrusted IP. We do have authentication enabled on our SMTP server to disable relaying for unknown users but as far as I can tell there's nothing in the headers that seems to show this. ie: pc - smtp1 - inbox (just shows the PCs IP (dynamic) and receiving server info) ie: pc - smtp2 - smtp1 - inbox (shows info from my sending smtp2 server which I can use for whitelisting for a domain name that is external to smtp1). I'll take a look at the headers again and see if there's any sort of rule I can match against the header of the internal email. what MTA do you use? many MTAs support adding authentication headers that can be processed by spamassassin. Check for this. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. WinError #98652: Operation completed successfully.
Re: Whitelisting local domain (spamassassin qmail)
We're using qmail with qmail-scanner (personally I'd prefer switching to postfix but it's not practical to do that at the moment. I'll see if I can find out how to add the auth information into the headers. Thanks -- View this message in context: http://old.nabble.com/Whitelisting-local-domain-%28spamassassin---qmail%29-tp28364411p28375077.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Whitelisting local domain (spamassassin qmail)
Hi, I'm hoping someone here has some ideas on how we can whitelist our local domain as some of our internal emails have been getting junked by spamassasin and we don't just want to whitelist_from the domain as any spoofed junk will be allowed through too. I've spent a little while reading through forum posts and blogs and managed to add the following to our local.cf to allow an email from one of my own domains (external to the qmail mail server) to always be whitelisted: whitelist_from_rcvd *...@retroburngames.com bytrix.org This had the effect of allowing all emails from my retroburngames.com domain through to our mail server regardless of their spam score (I sent an empty email with no subject to test and it got the -100 score applied from the whitelist). The bytrix.org is the rDNS of the server which hosts retroburngames.com. Now the problem is that if I'm sending from our local domain I connect to the SMTP server, send the email and it is delivered locally, so the only Received: line shows the IP/hostname of my PC and doesn't actually show it as being received from our domain: Received: from host[my_ip_address].in-addr.btopenworld.com (HELO ?192.168.32.10?) (mar...@[my_domain_dot_com]@[my_ip_address]) by [our_servers_hostname].memset.net with SMTP; 26 Apr 2010 09:26:45 - Since the headers don't seem to be showing the message from my domain I can't see how I can add a whitelist_from_rcvd rule for it. Please if anyone has any suggestions on how to resolve this issue I'd like to hear them :) Thanks, Martin -- View this message in context: http://old.nabble.com/Whitelisting-local-domain-%28spamassassin---qmail%29-tp28364411p28364411.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Whitelisting local domain (spamassassin qmail)
On Mon, 26 Apr 2010, Martin Caine wrote: Received: from host[my_ip_address].in-addr.btopenworld.com (HELO ?192.168.32.10?) (mar...@[my_domain_dot_com]@[my_ip_address]) by [our_servers_hostname].memset.net with SMTP; 26 Apr 2010 09:26:45 - If 'my_ip_address' is truly 'internal' then you should be able to add it to 'trusted_networks'. But that allows *all* mail from that internal IP. - C
Re: Whitelisting local domain (spamassassin qmail)
Hi Charles, Thanks for the reply. Unfortunately where I put my ip it's actually showing the IP I have here at work, it's the IP assigned for our internet connection in the office and is dynamic (and even if it was static, whitelisting it would only fix the problem if we were emailing from the office and wouldn't whitelist emails sent from blackberries, iphones and other locations). -- View this message in context: http://old.nabble.com/Whitelisting-local-domain-%28spamassassin---qmail%29-tp28364411p28366716.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Whitelisting local domain (spamassassin qmail)
You used the phrase 'internal' to describe the IP from which you are sending your mail. If you are trying to send mail by connecting from an untrusted (external) dynamic IP address (including blackberries) then you need to use some form of SMTP authentication on the connection to verify that the mail is really legitimate mail from your domain. In which case If your MSA properly inserts the auth information into the headers, SpamAssassin should react appropriately. - Charles On Mon, 26 Apr 2010, Martin Caine wrote: Thanks for the reply. Unfortunately where I put my ip it's actually showing the IP I have here at work, it's the IP assigned for our internet connection in the office and is dynamic (and even if it was static, whitelisting it would only fix the problem if we were emailing from the office and wouldn't whitelist emails sent from blackberries, iphones and other locations). -- View this message in context: http://old.nabble.com/Whitelisting-local-domain-%28spamassassin---qmail%29-tp28364411p28366716.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
