You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Matt <ma...@gmail.com> on 2012/06/27 18:43:24 UTC
Skipping Blacklists
Is there a way to tell SA to skip blacklist checks against certain IP
pools? I still want all other tests run but the IP may be listed in
SORBS-DUHL and others due to being dynamic.
Re: Skipping Blacklists
Posted by David B Funk <db...@engineering.uiowa.edu>.
On Thu, 28 Jun 2012, Matus UHLAR - fantomas wrote:
> On 27.06.12 11:43, Matt wrote:
>> Is there a way to tell SA to skip blacklist checks against certain IP
>> pools? I still want all other tests run but the IP may be listed in
>> SORBS-DUHL and others due to being dynamic.
>
> why? dynamic checks belong to the most powerful when checking for spamminess.
>
> do your users connect through such IPs? If so, do they use SMTP
> authentication and is that authentication info visible to spamassassin?
>
> Do you have properly set up trusted_networks as Benny suggested?
> (well, if your users use authentication and SA cen see it, you would not even
> need adding those IPs to trusted_networks)
Actually if you use SMTP-AUTH & everything is working correctly you
-don't- want to add your users' IP addrs to trusted_networks. Those IP
addrs should only "gain trust" when properly auth'ed. (EG that
home/appartment NAT addr may have several different computers behind it
you only want to trust the one connection when auth'ed, which is what
SMTP-AUTH is for).
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
Re: Skipping Blacklists
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
On 27.06.12 11:43, Matt wrote:
>Is there a way to tell SA to skip blacklist checks against certain IP
>pools? I still want all other tests run but the IP may be listed in
>SORBS-DUHL and others due to being dynamic.
why? dynamic checks belong to the most powerful when checking for
spamminess.
do your users connect through such IPs? If so, do they use SMTP
authentication and is that authentication info visible to spamassassin?
Do you have properly set up trusted_networks as Benny suggested?
(well, if your users use authentication and SA cen see it, you would
not even need adding those IPs to trusted_networks)
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I don't have lysdexia. The Dog wouldn't allow that.
Re: Skipping Blacklists
Posted by Benny Pedersen <me...@junc.org>.
Den 2012-06-27 18:43, Matt skrev:
> Is there a way to tell SA to skip blacklist checks against certain IP
> pools? I still want all other tests run but the IP may be listed in
> SORBS-DUHL and others due to being dynamic.
yes add this ip cidr to trusted_networks, keep in mind it also disables
ip whitelist, but as you wish it does disable rbl for this ip
just dont add 0.0.0.0/0 :)