On Sun, 15 Aug 2010, Josef Karliak wrote:
I've some problem with whitelisting.
In the local.cf file I've for example:
whitelist_from *...@ajetaci.cz
You do not want to do that. The From address on an email is trivially easy
to forge, and it is common practice for spammers to forge a From address
in the same domain as the target address. whitelist_from is only to be
used if nothing else will work, as it is a naive whitelist.
You want to use whitelist_from_auth or one of the other authenticated
variants.
What did I missed ?
The best way to skip SA for local users is in the glue layer. Tell it to
recognize mail that originates from your local network and for those
messages simply _not call SA_ at all. Then you save the processing
overhead.
You didn't tell us how you're gluing SA onto your MTA. How are you doing
that?
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Vista is at best mildly annoying and at worst makes you want to
rush to Redmond, Wash. and rip somebody's liver out. -- Forbes
-----------------------------------------------------------------------
Today: the 65th anniversary of the end of World War II
