Hi Matt, I have a follow-up question on this topic. I am running SA on the same system as my mail server. This system also acts as the NAT system for our office. The system has one public IP on NIC and a private IP on a second NIC acting as a gateway via NAT.
I too have the same whitelist issues. I have several external addresses / domains that I have white listed with a plain whitelist_from AND whitelist_from_rcvd and they are still caught as spam. Do I need to use trusted_networks also? I have watched my logs and seen other white listed addresses tagged correctly < -100 scores but these nagging users keep getting missed. I am about to also create custom rules to band-aid fix this issue. Dan BTW I am running SA 2.63. > -----Original Message----- > From: Matt Kettler [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 25, 2004 3:00 PM > To: Pierre Thomson; [EMAIL PROTECTED] > Subject: Re: whitelist_from_rcvd - again > > > At 04:38 PM 3/25/2004, Pierre Thomson wrote: > >I'm having a heck of a time getting whitelist_from_rcvd to work AT ALL > >since upgrading to 2.63 . I have read the threads about trusted networks, > >etc., but nothing seems to work. (To be honest, I don't see the logic > >behind it only working on trusted networks... it may foil some spoofs but > >it makes administration a nightmare.) > > > >That said... I can't even get outgoing mail from our very own > >192.168.1.XXX network to trigger a whitelist_from_rcvd rule, even when I > >explicitly declare that network trusted. I have had to resort to local > >meta rulesets that check the From and Received lines for the desired > >combination of strings > > That right there is your problem most likely... If you are using a NATed > mailserver you MUST manualy declare trusted_networks. Otherwise SA > mis-understands the mail headers and decides your SMTP gateway is a server > outside your network. > > Try forcing a trusted_networks statement that contains _only_ your > mailserver. Do not include your hosts. Do not include any outside ISPs. > Just include your servers. >
