<div dir="ltr"><div><div>Martin,<br><br></div>We do not white list the <a href="http://cnm.edu">cnm.edu</a> domain. We do white list some departments (example, <span class="">The Marketing and Communications Office, The Office of the President, etc.) because they sent such high volume of email it takes too much time to inspect them all. They are white listed via .../rules/spam.whitelist.rules and not in the white list postfix uses.<br>
<br></span></div><span class="">-Robert<br></span></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Mar 20, 2013 at 7:40 AM, Martin Hepworth <span dir="ltr"><<a href="mailto:maxsec@gmail.com" target="_blank">maxsec@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">the 'watermaking' is based on the ability of mailScanner to addin an extra header containing a (I think) hash of your Org-name salted with the predefined secret in your MailScanner.conf<br>
<br><a href="http://www.mailscanner.info/MailScanner.conf.index.html#Watermark%20Header" target="_blank">http://www.mailscanner.info/MailScanner.conf.index.html#Watermark%20Header</a> <br>
<br>Not any use for this case and it's purely for use in MailScanner code.<br><br>I would check your whitelisting rules (definitely no spam etc) and make sure you're not whitelisting your own domain, this is a common mistake and lets alot of spam through that would normally be detected. If you need to whitelist your domain then use the ip-addresses of the internal email servers and not your domain.<br>
<br><br clear="all"><div>-- <br>Martin Hepworth, CISSP<br>Oxford, UK</div>
<br><br><div class="gmail_quote"><div><div class="h5">On 19 March 2013 23:57, Robert Lopez <span dir="ltr"><<a href="mailto:rlopezcnm@gmail.com" target="_blank">rlopezcnm@gmail.com</a>></span> wrote:<br></div></div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5">
<div dir="ltr"><div>I understand watermarking is to defend against "joe job blowback". I think I understand that blowback problem is when email is sent, using for example my address, to many other domains and all the flack (blow back) comes back to me.<br>
<br></div>I am wondering if this watermarking is of any use in a type of SPAM we now frequently see. It is where email is sent to a list of addresses, all at our domain, and the from address is also the first address in the address list. Everyone else thinks the first person sent it. Our gateways send such email to Exchange and any communication back to the sender is entirely within Exchange and never comes back through the gateways again. <br>
<br>In this kind of SPAM I have always considered it of no use. Am I wrong in my thinking?<span><font color="#888888"><br clear="all"><div><div><br>-- <br>Robert Lopez<br>Unix Systems Administrator<br>Central New Mexico Community College (CNM)<br>
525 Buena Vista SE<br>
Albuquerque, New Mexico 87106
</div></div></font></span></div>
<br></div></div><span class="HOEnZb"><font color="#888888">--<br>
MailScanner mailing list<br>
<a href="mailto:mailscanner@lists.mailscanner.info" target="_blank">mailscanner@lists.mailscanner.info</a><br>
<a href="http://lists.mailscanner.info/mailman/listinfo/mailscanner" target="_blank">http://lists.mailscanner.info/mailman/listinfo/mailscanner</a><br>
<br>
Before posting, read <a href="http://wiki.mailscanner.info/posting" target="_blank">http://wiki.mailscanner.info/posting</a><br>
<br>
Support MailScanner development - buy the book off the website!<br>
<br></font></span></blockquote></div><br>
<br>--<br>
MailScanner mailing list<br>
<a href="mailto:mailscanner@lists.mailscanner.info">mailscanner@lists.mailscanner.info</a><br>
<a href="http://lists.mailscanner.info/mailman/listinfo/mailscanner" target="_blank">http://lists.mailscanner.info/mailman/listinfo/mailscanner</a><br>
<br>
Before posting, read <a href="http://wiki.mailscanner.info/posting" target="_blank">http://wiki.mailscanner.info/posting</a><br>
<br>
Support MailScanner development - buy the book off the website!<br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Robert Lopez<br>Unix Systems Administrator<br>Central New Mexico Community College (CNM)<br>525 Buena Vista SE<br>Albuquerque, New Mexico 87106
</div>