SMTP AUTH and no Scanning

Hugo van der Kooij hvdkooij at vanderkooij.org
Sun Mar 30 16:39:48 IST 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Marcel Blenkers wrote:

| As i am now using SMTP Auth and got almost every user on the system to do
| so, i would love to skip those mails, sended by those users who used smtp
| auth, for scanning.
|
| Means,
|
| a user sends a mail with smtp auth and the mail will go through unscanned.
| Or do you think this is a bad idea?

First off. Start by adding the details to your headers. Or to quote
http://www.postfix.org/SASL_README.html:

To report SASL login names in Received: message headers (Postfix version
2.3 and later):

~    /etc/postfix/main.cf:
~        smtpd_sasl_authenticated_header = yes


Then you get a Receive: header like this:

Received: from frodo.hugo.vanderkooij.org (hugovdkooij.xs4all.nl
[82.95.223.25])
	(Authenticated sender: hvdkooij at vanderkooij.org)
	by balin.waakhond.net (Postfix) with ESMTP id 7CA7E17E8F92
	for <hugo at vanderkooij.org>; Sun, 30 Mar 2008 16:38:56 +0200 (CEST)

The order is important so SASL authenticated user can still originate
from networks that are listed in RBL's in your postfix config.

How to write something to exclude it from MailScanner alltogether is
something I have not yet figured out. If I am not mistaken the following
criteria must be met:

~ 1. It must be the only Received: header line.
~ 2. It must show it has done authentication on your own host.
~ 3. It must show an authenticated user.

Given that postfix adds this line when it puts the file in the queue for
~ MS the decision must be made in MS.

Hugo.

- --
hvdkooij at vanderkooij.org               http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc

	A: Yes.
	>Q: Are you sure?
	>>A: Because it reverses the logical flow of conversation.
	>>>Q: Why is top posting frowned upon?

Bored? Click on http://spamornot.org/ and rate those images.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFH77RCBvzDRVjxmYERAlj0AJ9tqCdTn3kJLJIv+dd8dProIAE3CQCcC/Ji
9wKZkB4Kp5hZh86NFdYWuFE=
=4ul6
-----END PGP SIGNATURE-----

More information about the MailScanner mailing list