On 2010/12/17 11:47 AM, Ted Mittelstaedt wrote:
And what prevents a spammer from forging this into a header and
bypassing SA? Just askin.
On 12/17/2010 8:51 AM, Jason Bertoch wrote:
Without checking, I'd guess that matching an authentication header with
an address in trusted_networks would
Hi Aaron,
I know in our setup we just give trusted_networks a score of -120, that
way it usually doesn't matter if they kick off any PBL's etc on their
initial hop.
Regards
Eddie Hallahan
Enterprise Management Consulting
www.emcuk.com
Enterprise Management Consulting is a company registered in
On 12/17/10 9:57 AM, Ted Mittelstaedt wrote:
On 12/17/2010 9:23 AM, Aaron Bennett wrote:
-Original Message- From: Ted Mittelstaedt
[mailto:t...@ipinc.net] Sent: Friday, December 17, 2010 12:20 PM
To: users@spamassassin.apache.org Subject: Re: preventing
authenticated smtp users from
Am 17.12.2010 20:50, schrieb Jason Bertoch:
On 2010/12/17 2:48 PM, Robert Schetterer wrote:
forget trusted_networks use i.e spamass-milter
with spamassassin with option -I: skip (ignore) checks if sender is
authenticated
Though I've not used spamass-milter, will this really work if the
On Fri, 17 Dec 2010 10:11:11 -0800
Ted Mittelstaedt t...@ipinc.net wrote:
On 12/17/2010 9:28 AM, Jason Bertoch wrote:
In the OP's case, his authenticating server is separate from his SA
server. In any case, the server indicating authentication
(localhost or otherwise) should be a trusted
On 12/17/10 11:04 PM, Ted Mittelstaedt wrote:
It's shit-for-brains young girl administrative assistants at companies
who are our customers who apparently have too much time on their hands.
Don't hold back,.. how do you REALLY feel about outlook stationary?
--
Michael Scheidell, CTO
o:
Hi,
I've got an issue where users off-campus who are doing authenticated SMTP/TLS
from home networks are having their mail hit by the PBL. I have
trusted_networks set to include the incoming relay, but still the PBL hits it
as follows:
Received: from cmail.clarku.edu (muse.clarku.edu
On 2010/12/17 11:28 AM, Aaron Bennett wrote:
I've got an issue where users off-campus who are doing authenticated SMTP/TLS
from home networks are having their mail hit by the PBL. I have
trusted_networks set to include the incoming relay, but still the PBL hits it
as follows:
Received:
I've tusseled with this and eventually I gave up and setup a cheap PC
with FreeBSD that does nothing other than serve authenticated SMTP for
customers. Obviously it does not run spamassassin. It relays all mail
(inbound and outbound) to the main server.
The one thing I would advise if you do
-Original Message-
Based on the headers you included, there's nothing indicating the sender
was authenticated. Are you using the following in postfix?
smtpd_sasl_authenticated_header yes
No, I'm not -- that's a good idea. If I turn that on, can I write a rule based
On 12/17/2010 8:41 AM, Jason Bertoch wrote:
On 2010/12/17 11:28 AM, Aaron Bennett wrote:
I've got an issue where users off-campus who are doing authenticated
SMTP/TLS from home networks are having their mail hit by the PBL. I
have trusted_networks set to include the incoming relay, but still
On 2010/12/17 11:46 AM, Aaron Bennett wrote:
-Original Message-
Based on the headers you included, there's nothing indicating the sender
was authenticated. Are you using the following in postfix?
smtpd_sasl_authenticated_header yes
No, I'm not -- that's a good idea. If
On 2010/12/17 11:47 AM, Ted Mittelstaedt wrote:
And what prevents a spammer from forging this into a header and
bypassing SA? Just askin.
Without checking, I'd guess that matching an authentication header with
an address in trusted_networks would be sufficient. If your
authentication
On fre 17 dec 2010 17:47:26 CET, Ted Mittelstaedt wrote
smtpd_sasl_authenticated_header yes
And what prevents a spammer from forging this into a header and
bypassing SA? Just askin.
clever :-)
this is just informative header, not one that disable sasl in postfix
sender can add this header
Ted Mittelstaedt wrote:
On 12/17/2010 8:41 AM, Jason Bertoch wrote:
Based on the headers you included, there's nothing indicating the sender
was authenticated. Are you using the following in postfix?
smtpd_sasl_authenticated_header yes
And what prevents a spammer from forging this into a
On 12/17/2010 8:51 AM, Jason Bertoch wrote:
On 2010/12/17 11:47 AM, Ted Mittelstaedt wrote:
And what prevents a spammer from forging this into a header and
bypassing SA? Just askin.
Without checking, I'd guess that matching an authentication header with
an address in trusted_networks would be
-Original Message-
From: Ted Mittelstaedt [mailto:t...@ipinc.net]
Sent: Friday, December 17, 2010 12:20 PM
To: users@spamassassin.apache.org
Subject: Re: preventing authenticated smtp users from triggering PBL
why are you using authenticated SMTP from trusted networks?
The whole
On 2010/12/17 12:19 PM, Ted Mittelstaedt wrote:
why are you using authenticated SMTP from trusted networks?
The whole point of auth smtp is to come from UN-trusted networks.
In the OP's case, his authenticating server is separate from his SA
server. In any case, the server indicating
On 12/17/2010 9:12 AM, Kris Deugau wrote:
Ted Mittelstaedt wrote:
On 12/17/2010 8:41 AM, Jason Bertoch wrote:
Based on the headers you included, there's nothing indicating the sender
was authenticated. Are you using the following in postfix?
smtpd_sasl_authenticated_header yes
And what
On fre 17 dec 2010 18:36:25 CET, Ted Mittelstaedt wrote
But, go ahead, do it your way. If your a small site you might
even be OK for long enough to forget this advice. But sooner
or later your going to get cracked into and you will wish you
had separated the servers.
clamav stops most of
From: Ted Mittelstaedt [mailto:t...@ipinc.net]
And what prevents a spammer from forging this into a header and
bypassing SA? Just askin.
Ted
The fact that the authenticating server forwarding the request is trusted
and/or internal network.
SA doesn't look at any auth token outside of
SA also avails the msa_networks setting to allow a node to act both as
a MX and a MUA, making a message look like internally sourced iff the
node says it is from an authenticated source.
Of course, I meant:
SA also avails of the msa_networks setting to allow a node to act both as a
MTA and a
On 12/17/2010 9:23 AM, Aaron Bennett wrote:
-Original Message- From: Ted Mittelstaedt
[mailto:t...@ipinc.net] Sent: Friday, December 17, 2010 12:20 PM
To: users@spamassassin.apache.org Subject: Re: preventing
authenticated smtp users from triggering PBL
why are you using authenticated
On 12/17/2010 9:28 AM, Jason Bertoch wrote:
On 2010/12/17 12:19 PM, Ted Mittelstaedt wrote:
why are you using authenticated SMTP from trusted networks?
The whole point of auth smtp is to come from UN-trusted networks.
In the OP's case, his authenticating server is separate from his SA
Ted Mittelstaedt wrote:
I know that, Sendmail adds the same flag when setup for auth SMTP. The
problem is that SA will see this and assume the mail is safe.
N if your trust path is set correctly, then SA won't run tests
like eg PBL (IP blocks designated by the nominal owner as not
My experience with SA is that if it sees that flag anywhere in the
header, it will assume the mail is safe. I have also had the
experience
No, Ted. SA wouldn't accept an authenticated mark from outside its
trusted_network.
with earlier versions of SA that they ignore the flag completely
On 12/17/2010 9:32 AM, Benny Pedersen wrote:
On fre 17 dec 2010 18:19:55 CET, Ted Mittelstaedt wrote
The whole point of auth smtp is to come from UN-trusted networks.
will not agre on that one, if you require auth it must check all ip even
localhost
I don't mean to say that just because
On 12/17/2010 10:15 AM, Kris Deugau wrote:
Ted Mittelstaedt wrote:
I know that, Sendmail adds the same flag when setup for auth SMTP. The
problem is that SA will see this and assume the mail is safe.
N if your trust path is set correctly, then SA won't run tests
like eg PBL (IP blocks
On Fri, 17 Dec 2010 11:24:51 -0800
Ted Mittelstaedt t...@ipinc.net wrote:
It is possible this is because I use sa-milter.
If you want to make complex policy decisions, you might want to use
something like MIMEDefang (note: I'm the author. :))
It lets you encode your mail processing logic in
On 12/17/2010 2:24 PM, Ted Mittelstaedt wrote:
Exactly my point. The problem I have had with SA as I said in my
original response is that even if you use authenticated SMTP that
setting the auth flag in the received header simply didn't work.
Even when it is there, SA still filtered. If
Am 17.12.2010 17:28, schrieb Aaron Bennett:
Hi,
I've got an issue where users off-campus who are doing authenticated SMTP/TLS
from home networks are having their mail hit by the PBL. I have
trusted_networks set to include the incoming relay, but still the PBL hits
it as follows:
On 2010/12/17 2:48 PM, Robert Schetterer wrote:
forget trusted_networks use i.e spamass-milter
with spamassassin with option -I: skip (ignore) checks if sender is
authenticated
Though I've not used spamass-milter, will this really work if the
authentication server is not local?
--
/Jason
On 12/17/2010 10:15 AM, Kris Deugau wrote:
Ted Mittelstaedt wrote:
I know that, Sendmail adds the same flag when setup for auth SMTP.
The
problem is that SA will see this and assume the mail is safe.
N if your trust path is set correctly, then SA won't run
tests
like eg PBL
I've got an issue where users off-campus who are doing authenticated
SMTP/TLS from home networks are having their mail hit by the PBL. I
have trusted_networks set to include the incoming relay, but still the
PBL hits it as follows:
I mentioned in a direct email (as my blackberry won't
* Ted Mittelstaedt t...@ipinc.net:
On 12/17/2010 8:41 AM, Jason Bertoch wrote:
On 2010/12/17 11:28 AM, Aaron Bennett wrote:
I've got an issue where users off-campus who are doing authenticated
SMTP/TLS from home networks are having their mail hit by the PBL. I
have trusted_networks set to
On 12/17/2010 11:57 AM, Giampaolo Tomassoni wrote:
On 12/17/2010 10:15 AM, Kris Deugau wrote:
Ted Mittelstaedt wrote:
I know that, Sendmail adds the same flag when setup for auth SMTP.
The
problem is that SA will see this and assume the mail is safe.
N if your trust path is set
36 matches
Mail list logo