Bypass authenticated users

Mark Sapiro mark at msapiro.net
Fri May 28 01:56:36 IST 2010


On 11:59 AM, Philip Zeigler wrote:
> I have recently switched from using a Blackberry to using an
> Android-based phone.  Android email uses the wireless carrier's domain
> instead of the Blackberry domain.  Unfortunately, it seems that the
> carrier's domain is included in several of the RBLs.
> 
> What is the proper way to bypass RBL/SPAM checks for authenticated
> users?  I am using Postfix and 4.79.11 version of MailScanner.


Here's what I've done.

First put

smtpd_sasl_authenticated_header = yes

in Postfix main.cf so you get an "Authenticated sender:" entry in
Received headers for SASL authenticated mail.

Then make the following spamassassin rules

header __X_GPC_SASL_1 Received =~ /Authenticated sender:.*by sbh16.songbird.com/
header __X_GPC_SASL_2 ALL =~ /^Received:.*^Received:.* by sbh16.songbird.com /msi
meta X_GPC_SASL __X_GPC_SASL_1 && !__X_GPC_SASL_2
describe X_GPC_SASL SASL Authenticated mail

__X_GPC_SASL_1 tests for a Received: with an Authenticated sender by my
server. __X_GPC_SASL_2 tests for a possible forged Received: by my
server header, i.e. a Received: header other than the first with my
server's name. Then the X_GPC_SASL meta rule says that the header that
matched __X_GPC_SASL_1 was my server's actual Received: header because
it was the first and only Received: by my server header.

Then you can give this rule a large negative score to get the mail
through. This will work if you are only scoring RBLs in spamassassin,
but not if you are separately testing them in MailScanner.

It turns out that while the above worked, it was not needed in my case.
My problem with mail from my android phone was with the botnet plugin
that I use with SpamAssassin, but as soon as I added

smtpd_sasl_authenticated_header = yes

to main.cf, SASL authenticated mail hit ALL_TRUSTED and not BOTNET. So
another possible approach is to just add the header info and give
ALL_TRUSTED a more negative score if necessary.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
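
The meta rule's logic replayed in Python, as an added example that is not part of the original post. The three header blocks are constructed samples, the regexes are ported from the rules above with the hostname's dots escaped, and the manual header unfolding is an assumption about how the headers reach the rules.

```python
import re

MY_HOST = "sbh16.songbird.com"   # hostname from the post's rules
H = re.escape(MY_HOST)           # dots escaped here; the post's regexes leave them bare

# Ports of the two sub-rules; /msi becomes re.M | re.S | re.I.
SASL_1 = re.compile(r"Authenticated sender:.*by " + H)
SASL_2 = re.compile(r"^Received:.*^Received:.* by " + H + " ", re.M | re.S | re.I)

def unfold(headers):
    """Join folded continuation lines so each header sits on one line (assumed)."""
    return re.sub(r"\r?\n[ \t]+", " ", headers)

def evaluate(headers):
    """Return the sub-rule hits and the X_GPC_SASL meta result for a header block."""
    text = unfold(headers)
    received = "\n".join(line.split(":", 1)[1].strip() for line in text.split("\n")
                         if line.lower().startswith("received:"))
    s1 = bool(SASL_1.search(received))   # some Received: claims SASL auth by my host
    s2 = bool(SASL_2.search(text))       # a Received: below the first names my host
    return {"sasl_1": s1, "sasl_2": s2, "X_GPC_SASL": s1 and not s2}

# Constructed samples (addresses and queue IDs are placeholders).
GENUINE = (
    "Received: from phone.example (unknown [192.0.2.10])\n"
    "\t(Authenticated sender: philip)\n"
    "\tby sbh16.songbird.com (Postfix) with ESMTPA id AAAA1111\n"
    "From: philip@example.org\nSubject: from my phone\n")

# The sender supplied a fake authenticated hop; the server's real hop sits on top.
FORGED = (
    "Received: from bot.example (unknown [198.51.100.7])\n"
    "\tby sbh16.songbird.com (Postfix) with ESMTP id BBBB2222\n"
    "Received: from phone.example (unknown [192.0.2.10])\n"
    "\t(Authenticated sender: philip)\n"
    "\tby sbh16.songbird.com (Postfix) with ESMTPA id CCCC3333\n"
    "From: philip@example.org\nSubject: test\n")

PLAIN = (
    "Received: from mx.example (mx.example [203.0.113.5])\n"
    "\tby sbh16.songbird.com (Postfix) with ESMTP id DDDD4444\n"
    "From: someone@example.net\nSubject: hello\n")

if __name__ == "__main__":
    for name, msg in (("genuine", GENUINE), ("forged", FORGED), ("plain", PLAIN)):
        print(name, evaluate(msg))
```

Only the genuine sample fires X_GPC_SASL: the forged one hits __X_GPC_SASL_1 but is vetoed by __X_GPC_SASL_2, and the plain one never hits __X_GPC_SASL_1.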


