You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Gareth <li...@linguaphone.co.uk> on 2004/12/15 12:51:17 UTC
Bypassing spam checking when using Postfix
I use Suse Openexchange as our mail server and I have amavis installed
for virus scanning and spamassassin.
I have a problem where when people send mail using SMTP Auth
spamassassin penalises them because they are sending from a dynamic IP
address etc...
Currently I am having to whitelist their addresses which also allows
some spam through.
How do other people get around this problem?
I can't see a way of getting Postfix to add a custom header for email
received via SMTP Auth. If I could do this then I could write a custom
spamassassin rule to whitelist these emails.
I am currently looking into having TLS configured in Postfix listening
on a different port which sends the mail to a second copy of amavis
which when it finishes sends it back to postfix without going via
spamassassin. This just seems a bit over complicated.
Re: Bypassing spam checking when using Postfix
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
Gareth wrote:
>On Thu, 2004-12-16 at 02:48, Daryl C. W. O'Shea wrote:
>
>
>>If Postfix can be made to add, or already does add, RFC 3848 header
>>'with' tokens, new versions of SA (3.0.2 and on) will fix your problem.
>>Until then you can use this patch:
>>http://bugzilla.spamassassin.org/attachment.cgi?id=2547&action=view
>>
>>
>
>OpenExchange is a bit of a pain with installing customised versions. I
>would prefer not to have to manually install a self compiled version. If
>Postfix can add a token I could just write a custom SA rule to add -100
>to the score which would be sufficient.
>
>
You should be able to get Postfix to 'PREPEND' a header whenever someone
connects with SASL, etc. You'd have to look up the syntax.
>>If it doesn't add these tokens (such as 'with esmtpa') could you send me
>>a copy of an authenticated received header generated by Postfix?
>>
>>
>
>I have attached the headers from a test email at the end of this mail.
>
>
>Received: from localhost (localhost [127.0.0.1]) by
>mail.linguaphone-intranet.co.uk (Postfix) with ESMTP id 6A8CB86914 for
><xx...@linguaphone.co.uk>; Thu, 16 Dec 2004 09:29:18 +0000 (GMT)
>
>
This is an unauthenticated Postfix header and...
>Received: from home.gblades.me.uk
>(cpc2-rdng4-3-0-cust244.winn.cable.ntl.com [81.98.97.244]) by
>mail.linguaphone-intranet.co.uk (Postfix) with ESMTP id 22BB186B18 for
><xx...@linguaphone.co.uk>; Thu, 16 Dec 2004 09:28:52 +0000 (GMT)
>
>
This is a header from an authenticated connection, correct? That's no
good... they're identical. What kind/method of authentication are you
using?
Daryl
Re: Bypassing spam checking when using Postfix
Posted by Gareth <li...@linguaphone.co.uk>.
On Thu, 2004-12-16 at 02:48, Daryl C. W. O'Shea wrote:
> Gareth wrote:
>
> >I use Suse Openexchange as our mail server and I have amavis installed
> >for virus scanning and spamassassin.
> >
> >I have a problem where when people send mail using SMTP Auth
> >spamassassin penalises them because they are sending from a dynamic IP
> >address etc...
> >Currently I am having to whitelist their addresses which also allows
> >some spam through.
> >
> >
> These are dynamic blocks you don't control, right? If you do control
> them, you can just add them to your trusted/internal networks.
Yes that is correct.
>
> >How do other people get around this problem?
> >
> >I can't see a way of getting Postfix to add a custom header for email
> >received via SMTP Auth. If I could do this then I could write a custom
> >spamassassin rule to whitelist these emails.
> >
> >
> If Postfix can be made to add, or already does add, RFC 3848 header
> 'with' tokens, new versions of SA (3.0.2 and on) will fix your problem.
> Until then you can use this patch:
> http://bugzilla.spamassassin.org/attachment.cgi?id=2547&action=view
OpenExchange is a bit of a pain with installing customised versions. I
would prefer not to have to manually install a self compiled version. If
Postfix can add a token I could just write a custom SA rule to add -100
to the score which would be sufficient.
>
> If it doesn't add these tokens (such as 'with esmtpa') could you send me
> a copy of an authenticated received header generated by Postfix?
I have attached the headers from a test email at the end of this mail.
> >I am currently looking into having TLS configured in Postfix listening
> >on a different port which sends the mail to a second copy of amavis
> >which when it finishes sends it back to postfix without going via
> >spamassassin. This just seems a bit over complicated.
> >
> >
> If you've only got the one server that's pretty much your only choice,
> if the above patch won't solve the problem, (unless you can make Postfix
> add a header for auth'd connections, in which case you can write a rule
> to catch it).
>
Thanks
Gareth
Return-Path: <te...@gbnetwork.co.uk>
Received: from mail.linguaphone-intranet.co.uk ([unix socket]) by mail
(Cyrus v2.1.16) with LMTP; Thu, 16 Dec 2004 09:29:20 +0000
X-Sieve: CMU Sieve 2.2
Received: by mail.linguaphone-intranet.co.uk (Postfix, from userid
65534) id 4B70986738; Thu, 16 Dec 2004 09:29:20 +0000 (GMT)
Received: from localhost (localhost [127.0.0.1]) by
mail.linguaphone-intranet.co.uk (Postfix) with ESMTP id 6A8CB86914 for
<xx...@linguaphone.co.uk>; Thu, 16 Dec 2004 09:29:18 +0000 (GMT)
Received: from mail.linguaphone-intranet.co.uk ([127.0.0.1]) by
localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id
26362-08 for <xx...@linguaphone.co.uk>; Thu, 16 Dec 2004 09:29:18 +0000
(GMT)
Received: from home.gblades.me.uk
(cpc2-rdng4-3-0-cust244.winn.cable.ntl.com [81.98.97.244]) by
mail.linguaphone-intranet.co.uk (Postfix) with ESMTP id 22BB186B18 for
<xx...@linguaphone.co.uk>; Thu, 16 Dec 2004 09:28:52 +0000 (GMT)
Subject: Test mail
Message-Id: <20...@mail.linguaphone-intranet.co.uk>
Date: Thu, 16 Dec 2004 09:28:52 +0000 (GMT)
From: test@gbnetwork.co.uk
X-Virus-Scanned: by amavisd-new at linguaphone.co.uk
X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on
mail.linguaphone.co.uk
X-Spam-Level:
X-Spam-Status: No, hits=0.3 required=5.0 tests=BAYES_00,NO_REAL_NAME,
RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL autolearn=no version=2.64
X-Evolution-Source: imap://xxx@openexchange.linguaphone-intranet.co.uk/
Re: Bypassing spam checking when using Postfix
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
Gareth wrote:
>I use Suse Openexchange as our mail server and I have amavis installed
>for virus scanning and spamassassin.
>
>I have a problem where when people send mail using SMTP Auth
>spamassassin penalises them because they are sending from a dynamic IP
>address etc...
>Currently I am having to whitelist their addresses which also allows
>some spam through.
>
>
These are dynamic blocks you don't control, right? If you do control
them, you can just add them to your trusted/internal networks.
>How do other people get around this problem?
>
>I can't see a way of getting Postfix to add a custom header for email
>received via SMTP Auth. If I could do this then I could write a custom
>spamassassin rule to whitelist these emails.
>
>
If Postfix can be made to add, or already does add, RFC 3848 header
'with' tokens, new versions of SA (3.0.2 and on) will fix your problem.
Until then you can use this patch:
http://bugzilla.spamassassin.org/attachment.cgi?id=2547&action=view
If it doesn't add these tokens (such as 'with esmtpa') could you send me
a copy of an authenticated received header generated by Postfix?
>I am currently looking into having TLS configured in Postfix listening
>on a different port which sends the mail to a second copy of amavis
>which when it finishes sends it back to postfix without going via
>spamassassin. This just seems a bit over complicated.
>
>
If you've only got the one server that's pretty much your only choice,
if the above patch won't solve the problem, (unless you can make Postfix
add a header for auth'd connections, in which case you can write a rule
to catch it).
Daryl