You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Jake Colman <co...@ppllc.com> on 2005/05/19 16:57:33 UTC
SA Being Bypassed?
Under normal circumstances all my incoming email is filtered, via
spamc/spamd, through SA. If my sendmail is down all my email is delivered to
a backup MX that is hosted elsewhere in a different domain. When my sendmail
comes back up, the backup MX dumps me all of my email. All of that incoming
email seems to skip my SA process and gets delivered straight to my user
inboxes without benefit of filtering. If I check the email headers they
clearly do not have my SA headers added to them.
Am I missing some obvious SA configuration that would address this? Is what
I am seeing impossible to be true - which means that something else is going
on and I am misstating this?
TIA!
...Jake
--
Jake Colman
Sr. Applications Developer
Principia Partners LLC
Harborside Financial Center
1001 Plaza Two
Jersey City, NJ 07311
(201) 209-2467
www.principiapartners.com
Re: SA Being Bypassed?
Posted by Theo Van Dinter <fe...@kluge.net>.
On Thu, May 19, 2005 at 10:57:33AM -0400, Jake Colman wrote:
> Am I missing some obvious SA configuration that would address this? Is what
> I am seeing impossible to be true - which means that something else is going
> on and I am misstating this?
It's an issue for however you have your filtering setup. SA filters anything
that gets passed to it. There's no bypass method in SA itself.
--
Randomly Generated Tagline:
I dunno, I dream in Perl sometimes...
-- Larry Wall in <85...@jpl-devvax.JPL.NASA.GOV>
Re: SA Being Bypassed?
Posted by David B Funk <db...@engineering.uiowa.edu>.
On Sun, 22 May 2005, Elizabeth Schwartz wrote:
> I'm sorry, I shoudln't post late at night. I am running SA as a
> sendmail milter. And of course SA is happy to filter again mail which
> has been filtered once - but I would love some way to tell it NOT to.
> I have an external relay running SA, and I can guarantee that any mail
> sent from the external relay to the internal relay has been scanned,
> so I'd like to avoid the processor load of scanning it twice (since my
> internal relay is a slower machine...plans to upgrade are in the
> works.. but meanwhile...)
>
> I understand that this has to be done by something outside of SA, but
> I'm not sure what would work with sendmail to do this, and the
> previous poster seems to have accomplished this *without* wanting to,
> so I'm wondering how he did it!
Elizabeth,
This depends upon the milter that you're using. As far as sendmail is
concerned, once a milter is configured all messages get passed to it.
The milter would have to decide whether it wants to pass any particular
message on to spamd or just give it a pass.
For example, milter-spamc (http://www.milter.info/milter-spamc/index.shtml)
can integrate with the sendmail 'access-db' file to control processing of
specific messages.
I use miltrassassin which I've customized to look for a specific macro
value from sendmail and use that as a control parameter. Thus I can write
sendmail rules based upon characeristics of the message to set the
control macro and thus control the fuctioning of the milter.
So, for example, in the sendmail 'check_relay' rule, I check the IP
address of the message sender and if it's a locally generated message
set the 'skip_check' macro to tell the milter to not SA check that
message.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
Re: SA Being Bypassed?
Posted by Loren Wilton <lw...@earthlink.net>.
> I understand that this has to be done by something outside of SA, but
> I'm not sure what would work with sendmail to do this, and the
Procmail will do this trivially; but of course that might not be part of
your setup.
Loren
Re: SA Being Bypassed?
Posted by Elizabeth Schwartz <be...@gmail.com>.
I'm sorry, I shoudln't post late at night. I am running SA as a
sendmail milter. And of course SA is happy to filter again mail which
has been filtered once - but I would love some way to tell it NOT to.
I have an external relay running SA, and I can guarantee that any mail
sent from the external relay to the internal relay has been scanned,
so I'd like to avoid the processor load of scanning it twice (since my
internal relay is a slower machine...plans to upgrade are in the
works.. but meanwhile...)
I understand that this has to be done by something outside of SA, but
I'm not sure what would work with sendmail to do this, and the
previous poster seems to have accomplished this *without* wanting to,
so I'm wondering how he did it!
Re: SA Being Bypassed?
Posted by Loren Wilton <lw...@earthlink.net>.
> relay hosts, but nothing from the external would get filtered by the
> internal (since it's already been through the filter on the
> external...) sounds like you've accomplished that!
Eh? SA is perfectly happy to filter mail that has been through some version
of SA before. After all, you may have different rules than the previous trip
through, or the previous header saying it isn't spam may be completely faked
by some spammer.
Loren
Re: SA Being Bypassed?
Posted by Elizabeth Schwartz <be...@gmail.com>.
If you figure it out I'd love to know how you did it - I have been
wanting to set SA up so that it is running on my external and internal
relay hosts, but nothing from the external would get filtered by the
internal (since it's already been through the filter on the
external...) sounds like you've accomplished that!