> The email above is a worm. That is, my qmail-scanner in tcp.smtp
> hasn't checked the email, probably because there's nothing that says
> "the tcp.smtp rules have precedence instead of open-smtp".

Because this kind of "rule" CANNOT exist.
'tcp.smtp' and 'open-smtp' are merged into /ONE/ file.
'tcpserver' chooses /the most appropriate/ entry when it looks up this
.cdb file. So your 'rest of the world' rule will never apply to anybody
who got added with a concrete IP by POP3-b4-SMTP.

> # Use Qmail-Scanner with SpamAssassin on any mail from the rest of the world
> :allow,DENYMAIL="DNSCHECK",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

Spare these two lines in tcp.smtp. Export 'DENYMAIL' and 'QMAILQUEUE'
with the above-mentioned values in your smtpd-startup script. They'll
then be applied to all connections automatically, and only if
overwritten by a rule in the .cdb file will they not take effect.

A problem could be your 'DENYMAIL' rule. I don't know what it is good
for, but as vpopmail-roaming does not insert an empty 'DENYMAIL', all
connections will feel its consequences. Exception: you modify
vpopmail to insert a 'DENYMAIL=""' additionally to already inserted

P.S.: Before anybody cries qmail-scanner will not check on RELAYCLIENT
      enabled connections then: IT WILL! It only returns immediately
      from 'sub spamassassin' if RELAYCLIENT is set, it does NOT
      refrain from running AV-tests. Please have a look at the sources
      yourself before next time repeating such a wrong statement THAT
      often. Thank you.
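
The lookup behaviour described in this reply, as an added example that is not part of the original message and is not tcpserver's own code: a simplified Python model in which exactly one rule of the merged .cdb is chosen and its variables are laid over the environment inherited from the startup script. The IP addresses, the roaming entry and all function names are constructed for illustration, and only IP-based rules are modelled.

```python
# Simplified model of how tcpserver picks ONE rule from the merged .cdb.
# Assumption: IP-only lookup (no TCPREMOTEINFO or hostname rules).

QUEUE = "/var/qmail/bin/qmail-scanner-queue.pl"

# Constructed merged rule set: one roaming entry (as POP-before-SMTP would
# add for a concrete IP) plus the 'rest of the world' default from tcp.smtp.
MERGED_RULES = {
    "192.0.2.10": {"RELAYCLIENT": ""},
    "": {"DENYMAIL": "DNSCHECK", "QMAILQUEUE": QUEUE},
}

def lookup_keys(ip):
    """Keys tried in order: full IP, dotted prefixes, then the empty default."""
    parts = ip.split(".")
    keys = [ip]
    for n in range(len(parts) - 1, 0, -1):
        keys.append(".".join(parts[:n]) + ".")
    keys.append("")
    return keys

def match_rule(rules, ip):
    """Return the first key that exists; less specific rules are never merged in."""
    for key in lookup_keys(ip):
        if key in rules:
            return key
    return None

def child_env(startup_env, rules, ip):
    """Environment qmail-smtpd sees: inherited env, overridden by the one matched rule."""
    env = dict(startup_env)
    key = match_rule(rules, ip)
    if key is not None:
        env.update(rules[key])
    return env

if __name__ == "__main__":
    roaming, stranger = "192.0.2.10", "198.51.100.7"
    exported = {"DENYMAIL": "DNSCHECK", "QMAILQUEUE": QUEUE}
    # Variables only in the default rule: the roaming client bypasses the scanner.
    print("rules only, roaming :", child_env({}, MERGED_RULES, roaming))
    print("rules only, stranger:", child_env({}, MERGED_RULES, stranger))
    # Variables exported by the startup script: every connection inherits them.
    print("exported, roaming   :", child_env(exported, MERGED_RULES, roaming))
```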
