mailscanner and SMTP AUTH

Christian Kowarzik ckowarzik at
Fri Aug 4 18:33:22 IST 2006

Hi Eric

ewr at schrieb:
> Thanks Christian!
> I like this idea and think it will work well.  I am not entirely up to speed (yet) on how the SA
> rules work and have a question about it.
> Does this rule only check the first Received header?
No, both rules check all received headers of the mail.
> I want to make sure that a forged Received header farther down the email doesn't get the -20
> deduct.
The meta rule will *only* match if all received lines in the email are "authenticated".
The meta rule will *not* match if there are any "non-authenticated" received headers in the email.

And this is exactly what we want ;-)


> Sorry for my ignorance!
> Thanks!
> Eric
>> -----Original Message----- From: mailscanner-bounces at 
>> [mailto:mailscanner-bounces at] On Behalf Of Christian Kowarzik Sent:
>> Friday, August 04, 2006 4:40 AM To: MailScanner discussion Subject: Re: mailscanner and SMTP
>> Hi
>> I use the following spamassassin rules in my /etc/mail/spamassassin/ to decrease the
>> spamassassin score for email senders using smtp auth:
>> header          __OUR_AUTH              Received =~ /authenticated .* by smtp\.xxx\.de/i header
>> __NOT_OUR_AUTH          Received !~ /authenticated .* by smtp\.xxx\.de/i meta
>> INIT_RECVD_OUR_AUTH     __OUR_AUTH && ( __NOT_OUR_AUTH == 0) describe
>> INIT_RECVD_OUR_AUTH     Initially received by us using authentication tflags
>> INIT_RECVD_OUR_AUTH     nice score           INIT_RECVD_OUR_AUTH     -20
>> First I test that the email was received using smtp-auth and second i test that there exists no
>>  "non-authenticated" received lines in the email header. So if both conditions are true I know
>> that my email server initially received that email and the sender is authenticated.
>> Christian
>> Radu Spineanu schrieb:
>>> Hi
>>> Can mailscanner be configured to ignore all checks for
>> messages sent via
>>> smtp auth?
>>> In my current setup, when i try to send an email from home using SMTP AUTH it's marked as
>>> SPAM because if fails SPF and some RBL checks (ip block was added in rbls as it's used for
>>> home use).
>>> Radu
>> -- MailScanner mailing list mailscanner at 
>> Before posting, read
>> Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list