<br><br><div class="gmail_quote">On Wed, Jun 10, 2009 at 8:36 AM, Glenn Steen <span dir="ltr"><<a href="mailto:glenn.steen@gmail.com">glenn.steen@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
2009/6/10 Devon Harding <<a href="mailto:devonharding@gmail.com">devonharding@gmail.com</a>>:<br>
<div><div></div><div class="h5">><br>
><br>
> On Wed, Jun 10, 2009 at 3:34 AM, Julian Field <<a href="mailto:MailScanner@ecs.soton.ac.uk">MailScanner@ecs.soton.ac.uk</a>><br>
> wrote:<br>
>><br>
>><br>
>> On 09/06/2009 16:20, Steve Freegard wrote:<br>
>>><br>
>>> Devon Harding wrote:<br>
>>><br>
>>>><br>
>>>> Ok, here's my dilemma. My ISP has blocked port 25 on my connection, so<br>
>>>> I'm forced to have my DNS provider (EasyDNS) redirect all my email to<br>
>>>> port 2525. This works fine, the only problem now is I'm seeing an<br>
>>>> influx of SPAM which I believe is because MailScanner is seeing EasyDNS<br>
>>>> as a safe sender& not processing any rules based on IP Address. How do<br>
>>>> I get MailScanner disregard the IP address from EasyDNS and process the<br>
>>>> next hop? I guess something like X-Forwarded-For for SMTP.<br>
>>>><br>
>>><br>
>>> > From the changlog of the latest 4.77 release:<br>
>>><br>
>>> "Read IP Address From Received Header" has been extended, so it will now<br>
>>> take a number instead of yes or no. "yes"=1 and "no"=0. If it is set to<br>
>>> "yes" or a number, then the SMTP client IP address is taken from the<br>
>>> "Received:" header. For example, setting it to 2 will cause the IP<br>
>>> address to be taken from the 2nd Received: header.<br>
>>><br>
>>><br>
>><br>
>> You took the words right out of my mouth! :-)<br>
>> I knew someone would find this useful before too long...<br>
>><br>
>> Jules<br>
>><br>
><br>
> The setting works, but how do I get it work with RCVD_IN_DNSWL_LOW which<br>
> still gives my messages a -1 score.<br>
> -Devon<br>
><br>
</div></div>You configure your trusted_networks/internal_networks correctly (for<br>
SA... Likely in <a href="http://local.cf" target="_blank">local.cf</a> or <a href="http://mailscanner.cf" target="_blank">mailscanner.cf</a>)... SA will normally<br>
"autodetect" what this should be, but since you want to trust the<br>
"last hop", you need specify that/those IP addresses (and all "local"<br>
trusted networks/addresses) explicitly. Scott gave you a link, but<br>
ISTR there should be a better one .... This is to the specific<br>
section: <a href="http://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html#network_test_options" target="_blank">http://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html#network_test_options</a><br>
... and this is to the wiki page:<br>
<a href="http://wiki.apache.org/spamassassin/TrustPath" target="_blank">http://wiki.apache.org/spamassassin/TrustPath</a> and another good one:<br>
<a href="http://wiki.apache.org/spamassassin/TrustedRelays" target="_blank">http://wiki.apache.org/spamassassin/TrustedRelays</a><br>
<br>
Cheers<br>
<font color="#888888">--<br>
-- Glenn<br>
email: glenn < dot > steen < at > gmail < dot > com<br>
work: glenn < dot > steen < at > ap1 < dot > se<br>
</font><div><div></div><div class="h5">--<br>
</div></div></blockquote><div><br></div><div>But if I trust my 'last hop', in my case EasyDNS, wouldn't it mark ALL messages from them (Including the SPAM) as clean?</div><div><br></div><div>Here's and example of the mail hops from a SPAM and how MailScanner now sees it. (taken from Mailwatch. <a href="http://domain.com">domain.com</a> is used for my domain)</div>
<div><br></div><div><div>Received from:<span class="Apple-tab-span" style="white-space:pre">        </span></div><div>38.99.42.36<span class="Apple-tab-span" style="white-space:pre">        </span></div><div>Received Via:<span class="Apple-tab-span" style="white-space:pre">        </span></div>
<div>IP Address<span class="Apple-tab-span" style="white-space:pre">        </span>Hostname<span class="Apple-tab-span" style="white-space:pre">        </span></div><div>64.68.200.52<span class="Apple-tab-span" style="white-space:pre">        </span><a href="http://smtp.easydns.com">smtp.easydns.com</a><span class="Apple-tab-span" style="white-space:pre">        </span></div>
<div>38.99.42.36<span class="Apple-tab-span" style="white-space:pre">        </span><a href="http://smtp.podomatic.com">smtp.podomatic.com</a><span class="Apple-tab-span" style="white-space:pre">        </span></div><div>127.0.0.1<span class="Apple-tab-span" style="white-space:pre">        </span> <a href="http://mars.domain.com">mars.domain.com</a><span class="Apple-tab-span" style="white-space:pre">        </span></div>
<div>38.99.42.42<span class="Apple-tab-span" style="white-space:pre">        </span><a href="http://luke.dc.podomatic.com">luke.dc.podomatic.com</a></div></div></div>