Problem with Iphones

Alex Neuman alex at rtpty.com
Wed Sep 22 18:03:10 IST 2010


That's the beauty of the list. You can turn my crude thing into something more elegant ;-)
--

Alex Neuman
BBM 20EA17C5
+507 6781-9505
Skype:alex at rtpty.com

-----Original Message-----
From: Steve Freegard <steve.freegard at fsl.com>
Sender: mailscanner-bounces at lists.mailscanner.info
Date: Wed, 22 Sep 2010 17:52:32 
To: MailScanner discussion<mailscanner at lists.mailscanner.info>
Reply-To: MailScanner discussion <mailscanner at lists.mailscanner.info>
Subject: Re: Problem with Iphones

Alex,

On 22/09/10 17:05, Alex Neuman wrote:
> You're using sendmail.
>
> Find cfhead.m4 - should be in /usr/share/sendmail-cf/m4 if you're using CentOS.
>
> Look for the line (on or near line 274) that says:
> define(`confRECEIVED_HEADER', `_REC_HDR_
>
> This is where the header is defined. The next line reads:
>          _REC_AUTH_$?{auth_ssf} bits=${auth_ssf}$.)
>
> Change it to:
>          _REC_FULL_AUTH_$?{auth_ssf} YOURTOKEN bits=${auth_ssf}$.)
>
> The REC_FULL_AUTH will give you a better idea of the username that authenticated - not just *the fact that the user did authenticate*.

Ddon't edit sendmail supplied m4 files.  Edit /etc/mail/sendmail.mc 
instead; all of those macros should still be available to you there...

e.g.

define(`confRECEIVED_HEADER', `......')dnl

> The YOURTOKEN would be something that's not obviously "your token" so it doesn't get picked up by spammers. This is what we'll look for using SA.
>
> Find your local.cf for spamassassin. This should be in /etc/mail/spamassassin. Go to the end and add:
>
> header YOURTOKEN ALL =~ /YOURTOKEN/

Yuck.  Don't use 'ALL' when Received is far more appropriate.  On 
messages with a lot of headers you'll waste a load of CPU and time. 
Instead:

header YOURTOKEN Received =~ /foo/

You can also make it less spoofable using X-Spam-Relays-Trusted: 
metadata header added by SpamAssassin.

Run one of these messages through 'spamassassin -D -t < msg | grep 
X-Spam-Relays' and look what output you get for 'auth=' for an example 
message.  You can then write an un-spoofable rule (provided your 
TrustPath is correct) via:

header FOO X-Spam-Relays-Trusted =~ /auth=foo/i

With this method - you might not even need this particular rule as with 
the trust path correct; the OPs problem of hitting RCVD_IN_PBL, 
RDNS_DYNAMIC etc. goes away as trusted hosts aren't tested.

Regards,
Steve.
-- 
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website! 


More information about the MailScanner mailing list