On Tue, Jul 2, 2013 at 7:09 PM, Andreas Schamanek <[email protected]> wrote:
> 2) What's currently more annoying are colleagues of mine operating > large mail servers (tu-graz.ac.at and ethz.ch are 2 examples) who > forward their former users' mail to external addresses without prior > filtering. Thus, we see spam coming from their (otherwise) trustworthy > network. They are whitelisted (in this case by JMF-WHITE and DNSWL_MED) > which (would) lead to false negatives. Moreover, it renders our > statistical analyses useless for their IPs. Put such sources in SA's trusted_networks. This also ensures that blacklists (and whitelists) are applied to the IPs delivering to these forwarding systems. -- Matthias
