<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Arial; font-size: 10pt; color: #000000'>Hi!<br><br>Are you doing RBL checks in MS or in SA? If you are doing it in SA, you need to setup TrustPath correctly in SA, see:<br><br>http://wiki.apache.org/spamassassin/TrustPath<br><br><p class="line867"><em>Why doesn't <a href="http://wiki.apache.org/spamassassin/SpamAssassin">SpamAssassin</a> default to not trusting any hosts?</em> <span class="anchor" id="line-24"></span><span class="anchor" id="line-25"></span></p>Well, trusting too few is in many ways just as bad as trusting too many.<span style="font-weight: bold; font-style: italic;"> Many </span><a style="font-weight: bold; font-style: italic;" href="http://wiki.apache.org/spamassassin/SpamAssassin">SpamAssassin</a><span style="font-weight: bold; font-style: italic;">
rules try to perform checks against the untrusted host that delivered
mail to the first trusted server.</span> If there's too few or too many hosts
that SA trusts, these tests will be examining the wrong host. Both
situations contribute greatly to false negative problems, and to a
lesser extent false positive problems<br><br>Adding mx.old to the config<br><pre>trusted_networks<br></pre>In your spamassassin.conf might be what you need!<br><br>/Markus<br><br><hr id="zwchr"><div style="color: rgb(0, 0, 0); font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><b>Från: </b>"Tim Cappell" <tc@sommersoft.de><br><b>Till: </b>"MailScanner discussion" <mailscanner@lists.mailscanner.info><br><b>Skickat: </b>fredag, 5 aug 2011 15:49:16<br><b>Ämne: </b>AW: RBL checks when some mail is received via a relay<br><br>Hi,<br><br>No the relay is not whitelisted. As far as I understand, Mailscanner only queries RBLs for the last relay server which in this case is not blacklisted in any RBL.<br>To clarify my situation I'll try to visualize our current mail flow:<br><br>1) Domain.old: Sender -> mx.old -> mx.new with Mailscanner<br>2) Domain.new: Sender -> mx.new with Mailscanner<br><br>The problem is with part 1) of this setup, because all RBL checks are performed against mx.old which is a "good" server.<br>I would need a setup where Mailscanner uses "Read IP Address From Received Header = 2" for situation 1) and "Read IP Address From Received Header = no" for situation 2).<br>I don't know if this is possible so I'm also looking for alternate suggestions.<br><br>Tim<br><br><br><br>Von: mailscanner-bounces@lists.mailscanner.info [mailto:mailscanner-bounces@lists.mailscanner.info] Im Auftrag von Martin Hepworth<br>Gesendet: Donnerstag, 4. August 2011 19:57<br>An: MailScanner discussion<br>Betreff: Re: RBL checks when some mail is received via a relay<br><br>Why are the emails from this relay being trusted? Have you whitelisted it or something?<br><br>Martin<br><br>On Thursday, 4 August 2011, Tim Cappell <tc@sommersoft.de> wrote:<br>> We have a Mailscanner setup where some of the mails (from an older domain) are received by a relay (which is not blacklisted). Mailscanner works fine for all the mails we receive directly but RBL checks do not apply to those mails sent via the relay (which is still about 50%). Thus there are a lot of spam mails that get through although the originating mail server is blacklisted.<br>><br>> Is there a way to apply a method similar to "Read IP Address From Received Header" _only_ to mails where the last hop is that specific relay server?<br>><br>> <br>><br>> Best regards,<br>><br>> <br>><br>> Tim Cappell<br><br>-- <br>-- <br>Martin Hepworth<br>Oxford, UK<br>--<br>MailScanner mailing list<br>mailscanner@lists.mailscanner.info<br>http://lists.mailscanner.info/mailman/listinfo/mailscanner<br><br>Before posting, read http://wiki.mailscanner.info/posting<br><br>Support MailScanner development - buy the book off the website!<br><br><br><br></div><br></div></body></html>