On Mon, Apr 12, 2010 at 12:43 PM, Michael Scheidell <scheid...@secnap.net> wrote: > are they not authenticating through, and sending out via (forgive me) an > exchange server? > if outlook is authenticating direct to the exchange server, then the > exchange server would be the source ip, and you would eliminate lots of > this. > > other option is set up submit port that only available via vpn, or use smtp > auth and give anyone coming in via that -100 points. > (amavisd-new can add credit for smtp-auth users)
I am totally lost. Who has an Exchange server? I have a Postfix mail server. When users are on the LAN, their client IP is in range of 'mynetworks' parameter via Postfix. When they're home and VPN into my network, they fire up Outlook / Thunderbird & send email as they would if they were sitting in the office. However their client IP is now their ISP connected IP and their reverse DNS is not correct so SA thinks this is a spammer without a proper RDNS entry per RFC guidelines. Is there a way to fix this mix up? Nobody is authenticating through any Exchange servers or anything like that...
