Authenticated senders
James Pattinson
james at pattinson.org
Tue Apr 12 13:05:56 IST 2011
Hi Alex
That makes sense, and is probably similar to what I will end up doing,
but it still doesn't seem like an ideal solution - it still seems like I
am doing something "wrong" and it requires a kludge to work.
Does anyone have a better way or doing things? Should I be using
something other than SMTP auth to really trust my senders?
James
On 12/04/2011 12:57, Alex Neuman wrote:
> This is how I would do it:
>
> 1. Send a message from myself to someone else in the same domain WITHOUT using authentication. In theory, it should work - authentication is usually only necessary to send mail OUTSIDE of the domain.
> 2. Send another message, authenticated, somewhere else.
> 3. Check the headers. There should be a difference; something like "user xxx with yyy auth and zzz bits" in the header.
> 4. Write a custom rule in spamassassin to score it -100 for example.
>
> I don't know Postfix as well as sendmail; at sendmail's /etc/mail/sendmail.mc I modify the REC_FULL_AUTH part so that it includes an additional word and then check for it with "header soandso" in /etc/mail/spamassassin/local.cf.
>
> This wouldn't bypass MailScanner completely, but it insures it won't be scored as SPAM.
>
> On Apr 12, 2011, at 6:43 AM, James Pattinson wrote:
>
>> Hi List!
>>
>> I am using MailScanner with Postfix and ClamAV to run a simple mail server for myself and my family.
>>
>> I use SMTP AUTH to enable mail to be sent from various places such as home ISPs and Mobile Internet providers and would ideally like to have authenticated mail skip right through the RBL checks.
>>
>> I know this has been discussed in the past and I did find a thread from someone who ended up writing custom perl scripts to do this.
>>
>> As this was a few years ago I'd like some advice as to how this is best done these days! I find it really hard to believe that this is not a really common usage scenario, surely RBL checks are completely irrelvant when SMTP auth is in use? I am even using port 587 and TLS to submit messages!
>>
>> Currently my workaround is to have my sending address configured in rules/spam.whitelist.rules but this is not ideal as I still get spammers faking my address.
>>
>> Would love to get some input on this :)
>>
>> Cheers
>> James
>>
>>
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!
>
> --
>
> Alex Neuman van der Hans
> Reliant Technologies / Vida Digital
> http://vidadigital.com.pa/
>
> +507-6781-9505
> +507-832-6725
> +1-440-253-9789 (USA)
>
> Follow @AlexNeuman on Twitter
> http://facebook.com/vidadigital
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
More information about the MailScanner
mailing list