Am 18.03.2015 um 22:24 schrieb Axb:
On 03/18/2015 09:48 PM, Quanah Gibson-Mount wrote:I noticed that some of the Zimbra auto-generated emails (reports on various bits) are getting hit with RBL scoring for some customers. This appears to be because they are (quite reasonably) using private IPs on some of thier internal Zimbra servers. However, when it goes through the MTA, it gets hit as spam because of this. Example:X-Spam-Status: Yes, score=10.297 tagged_above=-10 required=10 tests=[ALL_TRUSTED=-1, BAYES_00=-0.5, T_RP_MATCHES_RCVD=-0.01, URIBL_BLACK=3.25, URIBL_DBL_SPAM=2.5, URIBL_JP_SURBL=1.25, URIBL_RHS_DOB=1.514, URIBL_SBL_A=0.1, URIBL_WS_SURBL=1.608, URI_HEX=1.122, URI_NOVOWEL=0.5, URI_TRY_3LD=0.963, DSPAM.Innocent=-1.000] autolearn=no autolearn_force=no The originating IP is Received: from zcs1.example.com (LHLO zcs1.example.com) (10.2.0.3) The IP is clearly listed in trusted_networks, as can be seen via the ALL_TRUSTED scoring. Is there any way to write a rule that says if this came in via a trusted host, to skip RBL lookups? Or at least, specific servers?Why is "Internal" or local mail sent thru SA? This is probably fixable via glue config
well, because in many cases you have hundrets of domains and don't want to maintain internal and external DNS views just for point the MX internally directly to the final destination
"score ALL_TRUSTED -100" could be a workaroundon the other hand why does SA completly skip RBL requests which could be a high scored DNSWL and at the same moment not skip URIBL in case if internal/trusted networks?
the benefit of RBL requests would be that you can socre "ALL_TRUSTED" only once while use it for different networks while a local rbldnsd could handel IP's networks with different scores
see Post #7 http://www.gossamer-threads.com/lists/spamassassin/users/187148
signature.asc
Description: OpenPGP digital signature
