Dan Horne wrote:
I see a couple of ways that this can be remedied, most of
which is acceptable. a) Whitelist all of the users (or the
entire domain) for every domain on the system [obviously bad
since it allows spammers to spoof from headers with impunity
even with SPF setup]. b) set up second machine to be a second
MTA and have users send email from machine 2 which then
relays to machine 1 [waste of a machine and energy to run
that machine]. or c) there is some configuration I am
missing. Does anyone know what I can do to fix this?
Set up SMTP AUTH and require your users to log in to send email. If I
understand correctly Spamassassin automatically trusts mails sent via
SMTP AUTH.
Thanks for the response. SMTP auth is set up so there must be something
I need to do to tell SA that it was auth'd.
Any ideas?
Thanks,
Tom
