(2nd Request) Disable scanning for a client that connects via SMTP-AUTH

Gary Faith gafaith at asdm.net
Sat May 23 01:47:50 IST 2009

I am trying to get around the problem of whitelisting my entire domain which is what I did earlier by allowing any message FROM my domain name without scanning.  As I said earlier, this caused problems because people were using my server to send spam using my domain.  I only want it to not scan e-mail when it is from the server that authenticates.  
The server that I am talking about is a mail server, which used to have a static IP, I use for another unrelated business and my personal e-mail.  Due to circumstances, I had to move the server to dynamic DSL (YUCK!) and now I need to relay the mail through the mail scanner because outbound mail would be blocked by RBL's  and I have no option to add another mail scanner server at this time.  There are other people that I need to have admin access to mailwatch & mailscanner giving them the ability to add users, change configuration, read & release messages, etc.  I do not want others to be able to read my other business & personal e-mails, etc.  So you see that is why I don't want all mail scanned.  
I need a solutions and I thought someone on this list would have a brilliant idea on how to do this.  It can't be that hard, can it?

>>> Eli Wapniarski <eli at orbsky.homelinux.org> 5/21/2009 12:54 AM >>>
Gary... With all due respect. Assuming that the mail coming from your servers is not affected by something bad is a mistake. Not to mention, spam that uses your domain as email addresses in the to / from to get around just the kind of scenario is also makes your strategy a mistake.

What harm besides having your server do some work would be caused by having all the mail scanned?

On Thursday 21 May 2009 04:50:33 Gary Faith wrote:
> I am running MailScanner 4.75 on x86_64 and Sendmail 8.13.  I have a situation where I am relaying e-mail for a trusted mail server with a dynamic IP who connects to my mail scanner via SMTP Auth.  I don't have a need for scanning the outbound e-mail from this server but I do need to have the inbound mail scanned.  So I figured I would add the domain to scan.messages.rules.  
> From:    domain.com   no
> This had the effect of stopping scanning of the mail which was desired  but now spam is coming in with the From addresss the same as the To address like: xyz at domain.com to xyz at domain.com.  These messages are not being scanned and getting passed through due to the rule above.  Obviously, I didn't think this through correctly and I need a better solution.
> What is required:
> 1.  Outbound mail from the server with a dynamic IP which authenticates to the mail scanner via SMTP Auth = Not Scanned.  I wouldn't care if it just goes from sendmail-in to sendmail-out and not even go through mailscanner but I don't know if that is possible.
> 2.  All other mail scanned (like normal).
> I know I can't base a rule on the IP address since it is dynamic but I am unsure of any other way to accomplish this.  Any thoughts on how I can accomplish this?
> Thanks,
> Gary Faith

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

MailScanner mailing list
mailscanner at lists.mailscanner.info

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090522/fd5e4976/attachment.html

More information about the MailScanner mailing list