Use Spamassassin - Not working properly
Stephen Swaney
steve.swaney at FSL.COM
Sat Jul 31 01:16:35 IST 2004
> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> Behalf Of Jim Scott
> Sent: Friday, July 30, 2004 5:59 PM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: Use Spamassassin - Not working properly
>
> > > -----Original Message-----
> > > From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> > > Behalf Of Jim Scott
> > > Sent: Friday, July 30, 2004 2:56 PM
> > > To: MAILSCANNER at JISCMAIL.AC.UK
> > > Subject: Re: Use Spamassassin - Not working properly
> > >
> > > > On Fri, 30 Jul 2004 09:18:43 -0700, Jim Scott <jscott at infoconex.com>
> > > wrote:
> > > Not sure what to look at. We setup a rule in the MailScanner.conf
> > > file like this.
> > >
> > > /etc/MailScanner/rules/spamassassin.rules
> > >
> > > The file contains a couple of test rules.
> > >
> > > For example:
> > > FromOrTo: jscott at infoconex.com yes
> > > From: 192.168.105.5/24 yes
> > > From: Customers block yes
> > >
> > > If I send or receive email it gets processed by spamassassin. If
> > > I
> > > send an email from the private IP space no matter what my from
> > > email
> > > address is it gets scanned by spamassassin as it should.
> > >
> > > However my customers IP space nothing is getting processed?
> > >
> > > The only thing that is different is that I have 2 IP's bound to
> > > this
> > > machine. I have the client use the 2nd IP to relay emails via so
> > > I
> > > can monitor traffic generated. The customers has multiple
> > > networks
> > > and for each I have the whole /24 added.
> > >
> > > Any ideas what to look at?
> > >
> > > It sure looks like it should work properly. Just isnt.
> > >
> > > Jim
> > >
> > > Anyone able to help me on this one?
> > >
> > > Jim
> > >
> >
> > White space or tabs shouldn't matter
> > 192.126. or 192.168 or regular expressions should be the same
> >
> >
> > What does "Customers block" in you file represent?
> >
> > Here is a copy of a file that does work.
> >
> > # Start of File
> > # This file controls which email is scanned for spam
> > # and MailScanner security checks
> > # Addresses matching in here, with the value
> > # "no" will never be marked as spam or be checked by
> > # Mailscanner or SpamAssassin checks
> > # Use IP addresses whenever possible
> > # From this host to allow release from Quarantine
> > From: 127.0.0.1 no
> > # For somedomain.net & another.com
> > From: 192.22.14.19 no
> > # From otherdomain.com
> > From: 192.143.190.16 no
> > # Always, always end with a default rule
> > FromOrTo: default yes
> > # EOF
> >
> >
> > Do read the EXAMPE and README files in %rules-dir%
> > Additional documentation available in the MailScanner Manual available
> at
> > www.fsl.com/support
> >
> > Steve
> >
> > Stephen Swaney
> > President
> > Fortress Systems Ltd.
> > Steve.Swaney at FSL.com
> >
> Steve sorry I should not have put "Customers Block" in my example. I was
> trying to prevent putting the IP address that is the customers space.
>
>
> Example File:
>
> FromOrTo: jscott at infoconex.com yes # this rule works - this is my
> address and is working
> From: 192.168.105.0/24 yes # this rule works - this
> internal IP space I tested against
> From: xxx.xxx.xxx. yes # Not displaying
> customers IP space and instead representing to you as xxx. Actual file
> does
> contain a realy IP notation. this represents the entire class C for that
> space.
> From: xxx.xxx.xxx.xxx yes # added customer
> speicific IP. Still not getting scanned
> From: xxx.xxx.xxx.0/24 yes # Same as above but
> different notation
> FromOrTo: default no # default is to not
> scan unless it is listed above
>
> In the examples above in which it is setup for detecting for my customer
> it
> is not scanned for spam. What is odd is it works for jscott at infoconex.com
> and I can setup a test account using something else and relay via the
> private IP space listed above 192.168.105.0/24 and it detects and scans.
> However when email is relayed via customers premises it does not work. The
> one thing that may be of issue here is this particular customers locations
> use a Transparent SMTP proxy. This customer wants all there locations to
> have outbound SMTP transparently sent out the server of there choice
> instead
> of the customers setup SMTP server in the client. This makes it easy to
> support since they would not have to have people reconfigure the outbound
> SMTP server in some cases. So I am receiving the emails from the SMTP
> proxy
> server. Not sure if all that is relevant but I figured I would add it.
>
this is probably the problem since the mail sin not really from the relay
server who is just passing it on transparently. Can you determine a range of
Addresses that the clients use?
Stephen Swaney
President
Fortress Systems Ltd.
Steve.Swaney at FSL.com
> I have also added a specific IP instead of a range from one of the servers
> we are receiving emails from. Does not work. I looked at the headers of
> the
> message received since we are using MailWatch (Thanks Steve) and it shows
> it
> was received from the IP we have added. But still no scanning for spam.
>
>
>
> Jim
>
> -------------------------- MailScanner list ----------------------
> To leave, send leave mailscanner to jiscmail at jiscmail.ac.uk
> Before posting, please see the Most Asked Questions at
> http://www.mailscanner.biz/maq/ and the archives at
> http://www.jiscmail.ac.uk/lists/mailscanner.html
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> Fortress Systems Ltd.
> www.fsl.com
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Fortress Systems Ltd.
www.fsl.com
-------------------------- MailScanner list ----------------------
To leave, send leave mailscanner to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/ and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html
More information about the MailScanner
mailing list