On Fri, Apr 09, 2010 at 05:43:24PM -0400, Kris Deugau wrote: > >>> I would think that in this case the dynamic address blocks would need to >>> be explicitly defined. >> >> That's why I starting this thread by saying that I went hunting for a >> "mua_networks" equivalent, and couldn't find one. > > OK, think about this: What do you do about relay IPs outside your > network, from which your customers are sending mail through your MSA via > SMTP AUTH? There's a good chance they're listed on eg Spamhaus PBL - > and there's *no* way you'll ever predict them.
If one really can't make it work by the proper msa_networks way (making sure all the auth Received: magic is there), then probably the only option is to use a POPAuth[1] style plugin (somewhat deprecated since it doesn't even recognize "internal"). I'm sure there's plugin ways to add to the internal list if the sender is authenticated, but still it probably would be more beneficial to just change the MSA configuration to supported. [1] http://wiki.apache.org/spamassassin/POPAuthPlugin
