On 12/17/2010 8:41 AM, Jason Bertoch wrote:
On 2010/12/17 11:28 AM, Aaron Bennett wrote:
I've got an issue where users off-campus who are doing authenticated
SMTP/TLS from home networks are having their mail hit by the PBL. I
have trusted_networks set to include the incoming relay, but still the
PBL hits it as follows:
Received: from cmail.clarku.edu (muse.clarku.edu [140.232.1.151])
by mothra.clarku.edu (Postfix) with ESMTP id D4FC2684FEA
for<re...@clarku.edu>; Tue, 7 Dec 2010 00:11:24 -0500 (EST)
Received: from SENDERMACHINE (macaddress.hsd1.ma.comcast.net
[98.216.185.77])
by cmail.clarku.edu (Postfix) with ESMTP id 82F21901E48
for<re...@clarku.edu>; Tue, 7 Dec 2010 00:11:24 -0500 (EST)
From: "USER NAME"<sen...@clarku.edu>
Despite that internal_networks and trusted_networks are set to
140.232.0.0/16, the message still triggers the PBL rule. Given that I
know that (unless there's a trojaned machine or whatever) I must trust
email that comes in over authenticated SMTP/TLS through the 'cmail'
host, how can I prevent it from hitting the PBL?
Based on the headers you included, there's nothing indicating the sender
was authenticated. Are you using the following in postfix?
smtpd_sasl_authenticated_header yes
And what prevents a spammer from forging this into a header and
bypassing SA? Just askin.
Ted
