Leonardo Rodrigues Magalhães wrote: > > Hello Guys, > > I have SA running with amavisd/postfix. I also have several > external users with dinamic IP addresses which are allowed to relay > using my server because they authenticate, i have SASL running. > > The problem is that right after publishing my SPF informations and > enabling SA to process SPF data, i have some messages from my users, > which are allowed to relay because they authenticated, hitting the > SPF_FAIL rule. I'd love to hear the answer too. As a long time Qmail user, this issue is easily dealt to as Qmail sets environment variables telling you if the current mail message is from a RELAYCLIENT (i.e. a trusted IP or an authenticated user). As such, tools such as Qmail-Scanner default to not running SA over "locally" generated mails - which stops this issue entirely.
I've always wanted to know how to do the same thing in Postfix... -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
