You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by peter pilsl <pi...@goldfisch.at> on 2008/03/28 14:26:10 UTC
ALL_TRUSTED - problem (yes I set trusted_networks already)
Our mailserver is behind a NAT-firewall (port 25 is passed through to
the internal mailserver) and I ran into the ALL_TRUSTED-problem. I
looked up the FAQ and set
trusted_networks 127.0.0.1 (which actually gives me a warning that
127.0.0.1 is already part of trusted_networks)
Nevertheless spamassassin ALL_TRUSTED kicks in.
example below.
The exact setup here is:
The firewall/router has a public IP to the outside and the mailserver
is with a private ip in the inside. Only port 25 is forwarded from
the firewall directely to the mailserver, which also greets with the
name of the public IP. I guess this is why trusted-networks kicks in
somehow? or is it the the line Received from phoenix.local by
phoenix.local via LMTPA ??
thnx for any advice,
peter
example:
Return-Path: <ro...@server.local>
Received: from phoenix.local (localhost [127.0.0.1])
by phoenix.local (Cyrus v2.3.11) with LMTPA;
Fri, 28 Mar 2008 14:06:03 +0100
X-Sieve: CMU Sieve 2.3
Received: from goldfisch.at (goldfisch.at [62.99.149.138]) by
mail.mydomain.at (8.14.2/8.12.1) with ESMTP id m2SD5u09014687
(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for
<pe...@mydomain.at.at>; Fri, 28 Mar 2008 14:05:57 +0100
Received: from goldfisch.at (localhost.localdomain [127.0.0.1]) by
goldfisch.at (8.12.10/8.12.1) with ESMTP id m2SD5oXZ016410
(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for
<pe...@mydomain.at.at>; Fri, 28 Mar 2008 14:05:50 +0100
Received: (from httpd139@localhost) by goldfisch.at
(8.12.10/8.12.1/Submit) id m2SD5orN016407 for peter.pilsl@mydomain.at;
Fri, 28 Mar 2008 14:05:50 +0100
X-Authentication-Warning: goldfisch.at: httpd139 set sender to
pilsl@goldfisch.at using -f
Received: from mail.mydomain.at (mail.mydomain.at [83.64.203.74])
by www.goldfisch.at (Horde Framework) with HTTP; Fri, 28 Mar 2008 14:05:50
+0100
Message-ID: <20...@www.goldfisch.at>
Date: Fri, 28 Mar 2008 14:05:50 +0100
From: peter pilsl <pi...@goldfisch.at>
To: "peter.pilsl peter.pilsl" <pe...@mydomain.at>
Subject: maid
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes";
format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) H3 (4.2-RC1)
X-Spam-Goldfisch-Score: -1.44
X-Spam-Flag: NO
X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on phoenix.local
X-Spam-Status: No, score=-1.4 required=3.5 tests=ALL_TRUSTED autolearn=ham
version=3.2.3
X-Spam-Report: * -1.4 ALL_TRUSTED Passed through trusted hosts only via SMTP
Re: ALL_TRUSTED - problem (yes I set trusted_networks already)
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
On 28.03.08 14:26, peter pilsl wrote:
> Our mailserver is behind a NAT-firewall (port 25 is passed through to
> the internal mailserver) and I ran into the ALL_TRUSTED-problem. I
> looked up the FAQ and set
>
> trusted_networks 127.0.0.1 (which actually gives me a warning that
> 127.0.0.1 is already part of trusted_networks)
> Nevertheless spamassassin ALL_TRUSTED kicks in.
are you sure it's the only trusted_networks setting on your server?
try clear_trusted_networks and check both personal and site-wide configs.
(127/8 is always in trusted_networks, so you don't need to ses it up)
do you have internal_networks and msa_networks set?
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Your mouse has moved. Windows NT will now restart for changes to take
to take effect. [OK]
Re: ALL_TRUSTED - problem (yes I set trusted_networks already)
Posted by mouss <mo...@netoyen.net>.
peter pilsl wrote:
>
>
> Our mailserver is behind a NAT-firewall (port 25 is passed through to
> the internal mailserver) and I ran into the ALL_TRUSTED-problem. I
> looked up the FAQ and set
>
> trusted_networks 127.0.0.1 (which actually gives me a warning that
> 127.0.0.1 is already part of trusted_networks)
Unless you have a martian setup, 127.0.0.1 does not receive mail from
outside. The IP you receive mail on should be added to tusted_networks:
trusted_networks 62.99.149.138
>
> Nevertheless spamassassin ALL_TRUSTED kicks in.
>
> example below.
>
> The exact setup here is:
>
> The firewall/router has a public IP to the outside and the mailserver
> is with a private ip in the inside. Only port 25 is forwarded from
> the firewall directely to the mailserver, which also greets with the
> name of the public IP. I guess this is why trusted-networks kicks in
> somehow? or is it the the line Received from phoenix.local by
> phoenix.local via LMTPA ??
>
do you run SA from cyrus? if not, that header is not present when SA
scans the message.
>
> thnx for any advice,
> peter
>
>
> example:
>
> Return-Path: <ro...@server.local>
> Received: from phoenix.local (localhost [127.0.0.1])
> by phoenix.local (Cyrus v2.3.11) with LMTPA;
> Fri, 28 Mar 2008 14:06:03 +0100
> X-Sieve: CMU Sieve 2.3
> Received: from goldfisch.at (goldfisch.at [62.99.149.138]) by
> mail.mydomain.at (8.14.2/8.12.1) with ESMTP id m2SD5u09014687
> (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168
> verify=NO) for
> <pe...@mydomain.at.at>; Fri, 28 Mar 2008 14:05:57 +0100
> Received: from goldfisch.at (localhost.localdomain [127.0.0.1]) by
> goldfisch.at (8.12.10/8.12.1) with ESMTP id m2SD5oXZ016410
> (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168
> verify=NO) for
> <pe...@mydomain.at.at>; Fri, 28 Mar 2008 14:05:50 +0100
> Received: (from httpd139@localhost) by goldfisch.at
> (8.12.10/8.12.1/Submit) id m2SD5orN016407 for
> peter.pilsl@mydomain.at;
> Fri, 28 Mar 2008 14:05:50 +0100
> X-Authentication-Warning: goldfisch.at: httpd139 set sender to
> pilsl@goldfisch.at using -f
> Received: from mail.mydomain.at (mail.mydomain.at [83.64.203.74])
> by www.goldfisch.at (Horde Framework) with HTTP; Fri, 28 Mar 2008
> 14:05:50
> +0100
> Message-ID: <20...@www.goldfisch.at>
> Date: Fri, 28 Mar 2008 14:05:50 +0100
> From: peter pilsl <pi...@goldfisch.at>
> To: "peter.pilsl peter.pilsl" <pe...@mydomain.at>
> Subject: maid
> MIME-Version: 1.0
> Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes";
> format="flowed"
> Content-Disposition: inline
> Content-Transfer-Encoding: 7bit
> User-Agent: Internet Messaging Program (IMP) H3 (4.2-RC1)
> X-Spam-Goldfisch-Score: -1.44
> X-Spam-Flag: NO
> X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on phoenix.local
> X-Spam-Status: No, score=-1.4 required=3.5 tests=ALL_TRUSTED
> autolearn=ham
> version=3.2.3
> X-Spam-Report: * -1.4 ALL_TRUSTED Passed through trusted hosts only
> via SMTP
>
>
>