(2nd Request) Disable scanning for a client that connects
via SMTP-AUTH
Gary Faith
gafaith at asdm.net
Sat May 23 01:47:50 IST 2009
I am trying to get around the problem of whitelisting my entire domain which is what I did earlier by allowing any message FROM my domain name without scanning. As I said earlier, this caused problems because people were using my server to send spam using my domain. I only want it to not scan e-mail when it is from the server that authenticates.
The server that I am talking about is a mail server, which used to have a static IP, I use for another unrelated business and my personal e-mail. Due to circumstances, I had to move the server to dynamic DSL (YUCK!) and now I need to relay the mail through the mail scanner because outbound mail would be blocked by RBL's and I have no option to add another mail scanner server at this time. There are other people that I need to have admin access to mailwatch & mailscanner giving them the ability to add users, change configuration, read & release messages, etc. I do not want others to be able to read my other business & personal e-mails, etc. So you see that is why I don't want all mail scanned.
I need a solutions and I thought someone on this list would have a brilliant idea on how to do this. It can't be that hard, can it?
>>> Eli Wapniarski <eli at orbsky.homelinux.org> 5/21/2009 12:54 AM >>>
Gary... With all due respect. Assuming that the mail coming from your servers is not affected by something bad is a mistake. Not to mention, spam that uses your domain as email addresses in the to / from to get around just the kind of scenario is also makes your strategy a mistake.
What harm besides having your server do some work would be caused by having all the mail scanned?
On Thursday 21 May 2009 04:50:33 Gary Faith wrote:
> I am running MailScanner 4.75 on x86_64 and Sendmail 8.13. I have a situation where I am relaying e-mail for a trusted mail server with a dynamic IP who connects to my mail scanner via SMTP Auth. I don't have a need for scanning the outbound e-mail from this server but I do need to have the inbound mail scanned. So I figured I would add the domain to scan.messages.rules.
>
> From: domain.com no
>
> This had the effect of stopping scanning of the mail which was desired but now spam is coming in with the From addresss the same as the To address like: xyz at domain.com to xyz at domain.com. These messages are not being scanned and getting passed through due to the rule above. Obviously, I didn't think this through correctly and I need a better solution.
>
> What is required:
> 1. Outbound mail from the server with a dynamic IP which authenticates to the mail scanner via SMTP Auth = Not Scanned. I wouldn't care if it just goes from sendmail-in to sendmail-out and not even go through mailscanner but I don't know if that is possible.
> 2. All other mail scanned (like normal).
>
> I know I can't base a rule on the IP address since it is dynamic but I am unsure of any other way to accomplish this. Any thoughts on how I can accomplish this?
>
> Thanks,
>
> Gary Faith
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090522/fd5e4976/attachment.html
More information about the MailScanner
mailing list