Mailscanner & redirected mail
Devon Harding
devonharding at gmail.com
Wed Jun 10 16:58:59 IST 2009
On Wed, Jun 10, 2009 at 8:36 AM, Glenn Steen <glenn.steen at gmail.com> wrote:
> 2009/6/10 Devon Harding <devonharding at gmail.com>:
> >
> >
> > On Wed, Jun 10, 2009 at 3:34 AM, Julian Field <
> MailScanner at ecs.soton.ac.uk>
> > wrote:
> >>
> >>
> >> On 09/06/2009 16:20, Steve Freegard wrote:
> >>>
> >>> Devon Harding wrote:
> >>>
> >>>>
> >>>> Ok, here's my dilemma. My ISP has blocked port 25 on my connection,
> so
> >>>> I'm forced to have my DNS provider (EasyDNS) redirect all my email to
> >>>> port 2525. This works fine, the only problem now is I'm seeing an
> >>>> influx of SPAM which I believe is because MailScanner is seeing
> EasyDNS
> >>>> as a safe sender& not processing any rules based on IP Address. How
> do
> >>>> I get MailScanner disregard the IP address from EasyDNS and process
> the
> >>>> next hop? I guess something like X-Forwarded-For for SMTP.
> >>>>
> >>>
> >>> > From the changlog of the latest 4.77 release:
> >>>
> >>> "Read IP Address From Received Header" has been extended, so it will
> now
> >>> take a number instead of yes or no. "yes"=1 and "no"=0. If it is set to
> >>> "yes" or a number, then the SMTP client IP address is taken from the
> >>> "Received:" header. For example, setting it to 2 will cause the IP
> >>> address to be taken from the 2nd Received: header.
> >>>
> >>>
> >>
> >> You took the words right out of my mouth! :-)
> >> I knew someone would find this useful before too long...
> >>
> >> Jules
> >>
> >
> > The setting works, but how do I get it work with RCVD_IN_DNSWL_LOW which
> > still gives my messages a -1 score.
> > -Devon
> >
> You configure your trusted_networks/internal_networks correctly (for
> SA... Likely in local.cf or mailscanner.cf)... SA will normally
> "autodetect" what this should be, but since you want to trust the
> "last hop", you need specify that/those IP addresses (and all "local"
> trusted networks/addresses) explicitly. Scott gave you a link, but
> ISTR there should be a better one .... This is to the specific
> section:
> http://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html#network_test_options
> ... and this is to the wiki page:
> http://wiki.apache.org/spamassassin/TrustPath and another good one:
> http://wiki.apache.org/spamassassin/TrustedRelays
>
> Cheers
> --
> -- Glenn
> email: glenn < dot > steen < at > gmail < dot > com
> work: glenn < dot > steen < at > ap1 < dot > se
> --
>
But if I trust my 'last hop', in my case EasyDNS, wouldn't it mark ALL
messages from them (Including the SPAM) as clean?
Here's and example of the mail hops from a SPAM and how MailScanner now sees
it. (taken from Mailwatch. domain.com is used for my domain)
Received from:
38.99.42.36
Received Via:
IP Address Hostname
64.68.200.52 smtp.easydns.com
38.99.42.36 smtp.podomatic.com
127.0.0.1 mars.domain.com
38.99.42.42 luke.dc.podomatic.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090610/5c0ad8c2/attachment.html
More information about the MailScanner
mailing list