You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "Daniel M. Drucker" <dm...@3e.org> on 2005/02/09 15:19:57 UTC
disabling first-hop dialup checks? (RCVD_IN_SORBS_DUL)
I know I've solved this before, but on a new install of 3.0.2 I'm
finding messages getting tagged as RCVD_IN_SORBS_DUL, even though I'm
pretty sure SA is supposed to ignore the first hop for that by default.
It's not ignoring it, though.
I'd search the gmane archives for this, but gmane's search facility is
down. Can someone help?
Daniel
Re: disabling first-hop dialup checks? (RCVD_IN_SORBS_DUL)
Posted by "Daniel M. Drucker" <dm...@3e.org>.
Daniel M. Drucker wrote:
> I was hoping for a real solution, but it seems that's what I'm going to
> have to do -- the rules are in fact correctly set to -notfirsthop, but
> it seems my qmail install is putting the Received lines in the wrong order!
If anyone can shed any light on why this might be happening...
Here's what happens when I send a test message to myself. I'm sending
this from Thunderbird, using my own mail server (mail.3e.org) for SMTP.
What I'm not grasping is why this isn't falling under the notfirsthop
rule...
|Return-Path: <dm...@3e.org>
|Delivered-To: 35-dmd@3e.org
|Received: (qmail 4700 invoked by uid 2520); 9 Feb 2005 14:32:29 -0000
|Received: from 24.193.244.79 by neko.3edges.org (envelope-from
|<dm...@3e.org>, uid 2020) with qmail-scanner-1.24st
| (clamdscan: 0.80/685. spamassassin: 3.0.2. perlscan: 1.24st.
| Clear:RC:0(24.193.244.79):SA:0(2.1/4.0):.
| Processed in 4.581338 secs); 09 Feb 2005 14:32:29 -0000
|X-Spam-Status: No, hits=2.1 required=4.0
|X-Envelope-From: dmd@3e.org
|Received: from 24-193-244-79.ucwphilly.rr.com (HELO ?192.168.1.10?)
|(24.193.244.79)
| by 69.64.51.236 with (DHE-RSA-AES256-SHA encrypted) SMTP; 9 Feb 2005
|14:32:24 -0000
|Message-ID: <42...@3e.org>
|Date: Wed, 09 Feb 2005 09:32:29 -0500
|From: Daniel Drucker <dm...@3e.org>
|Organization: 3edges
|User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)
|X-Accept-Language: en-us, en
|MIME-Version: 1.0
|To: Daniel Drucker <dm...@3e.org>
|Subject: test
|Content-Type: text/plain; charset=ISO-8859-1; format=flowed
|Content-Transfer-Encoding: 7bit
|X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on |neko.3edges.org
|X-Spam-Level: **
|X-Qmail-Scanner-MOVED-X-Spam-Status: No, score=2.1 required=4.0
|tests=AWL,RCVD_BY_IP,
| RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL autolearn=disabled |version=3.0.2
|
|test 2
Re: disabling first-hop dialup checks? (RCVD_IN_SORBS_DUL)
Posted by "Daniel M. Drucker" <dm...@3e.org>.
Martin Hepworth wrote:
> change the score of that rule to zero in local.cf and it won't run.
I was hoping for a real solution, but it seems that's what I'm going to
have to do -- the rules are in fact correctly set to -notfirsthop, but
it seems my qmail install is putting the Received lines in the wrong order!
Daniel Drucker
Re: disabling first-hop dialup checks? (RCVD_IN_SORBS_DUL)
Posted by Martin Hepworth <ma...@solid-state-logic.com>.
Daniel
change the score of that rule to zero in local.cf and it won't run.
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Daniel M. Drucker wrote:
> I know I've solved this before, but on a new install of 3.0.2 I'm
> finding messages getting tagged as RCVD_IN_SORBS_DUL, even though I'm
> pretty sure SA is supposed to ignore the first hop for that by default.
> It's not ignoring it, though.
>
> I'd search the gmane archives for this, but gmane's search facility is
> down. Can someone help?
>
> Daniel
>
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote confirms that this email message has been swept
for the presence of computer viruses and is believed to be clean.
**********************************************************************
Re: disabling first-hop dialup checks? (RCVD_IN_SORBS_DUL)
Posted by Matt Kettler <mk...@comcast.net>.
At 09:19 AM 2/9/2005, Daniel M. Drucker wrote:
>I know I've solved this before, but on a new install of 3.0.2 I'm finding
>messages getting tagged as RCVD_IN_SORBS_DUL, even though I'm pretty sure
>SA is supposed to ignore the first hop for that by default. It's not
>ignoring it, though.
If SA isn't skipping the first hop, you probably have a NATed mailserver
and need to manualy configure your trusted_networks setting.
Other symptoms of this problem include spam that matches ALL_TRUSTED, and
failure of whitelist_from_rcvd to match reliably.