Problem with Iphones

Steve Freegard steve.freegard at
Wed Sep 22 17:52:32 IST 2010


On 22/09/10 17:05, Alex Neuman wrote:
> You're using sendmail.
> Find cfhead.m4 - should be in /usr/share/sendmail-cf/m4 if you're using CentOS.
> Look for the line (on or near line 274) that says:
> define(`confRECEIVED_HEADER', `_REC_HDR_
> This is where the header is defined. The next line reads:
>          _REC_AUTH_$?{auth_ssf} bits=${auth_ssf}$.)
> Change it to:
>          _REC_FULL_AUTH_$?{auth_ssf} YOURTOKEN bits=${auth_ssf}$.)
> The REC_FULL_AUTH will give you a better idea of the username that authenticated - not just *the fact that the user did authenticate*.

Ddon't edit sendmail supplied m4 files.  Edit /etc/mail/ 
instead; all of those macros should still be available to you there...


define(`confRECEIVED_HEADER', `......')dnl

> The YOURTOKEN would be something that's not obviously "your token" so it doesn't get picked up by spammers. This is what we'll look for using SA.
> Find your for spamassassin. This should be in /etc/mail/spamassassin. Go to the end and add:

Yuck.  Don't use 'ALL' when Received is far more appropriate.  On 
messages with a lot of headers you'll waste a load of CPU and time. 

header YOURTOKEN Received =~ /foo/

You can also make it less spoofable using X-Spam-Relays-Trusted: 
metadata header added by SpamAssassin.

Run one of these messages through 'spamassassin -D -t < msg | grep 
X-Spam-Relays' and look what output you get for 'auth=' for an example 
message.  You can then write an un-spoofable rule (provided your 
TrustPath is correct) via:

header FOO X-Spam-Relays-Trusted =~ /auth=foo/i

With this method - you might not even need this particular rule as with 
the trust path correct; the OPs problem of hitting RCVD_IN_PBL, 
RDNS_DYNAMIC etc. goes away as trusted hosts aren't tested.


More information about the MailScanner mailing list