You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Matt Kettler <mk...@verizon.net> on 2008/02/06 09:53:12 UTC
Re:
Juergen.Boehm@inframation.de wrote:
>
> Hi
>
> i need help with Spamassassin. Once in a month we have to send a
> massive amount of mails at the same time. These are Invoice mails to
> our customers.
> The problem is, that spamd controls all these mails, which are send
> from a different Server in our network. It happens that 1/4 of this
> mails are not send because of:
>
> 554 Relay rejected for policy reasons.
>
> Error.
>
> When i look in the mail file on the Mailserver I see that spamd
> arrives at the limit of spawned childs and there are some errors.
>
> My question now is: is there an opportunity to tell spamassassin to
> ignore a server in the own network completely so that spamd isn't
> called when there comes a mail from this server?
>
> It can't be "trusted networks" because this parameter is set.
>
Well, the problem is for spamassassin to tell that, you'd already have
to have called spamd. ie: by the time SA knows, it's too late, you're
already in spamd.
You have two basic options:
1) Configure whatever tool is calling spamc to not call it. This is your
best option, but doing it depends on how you're handling SA integration,
and what that toolset is capable of. I can tell from your headers you're
using postfix as a MTA, but how have you integrated SA into it??
2) Assuming you have SA 3.2.0 or newer, you could do a shortcircuit on
the ALL_TRUSTED rule, which would shorten the scan time. However, this
would not avoid calling spamd and you'll probably only make it less
severe, not better. It is however, purely a function of SA
configuration, so I can tell you exactly how to do this with no extra
information.
To do this, you'll have to load the shortcircuit plugin by uncommenting
it in /etc/mail/spamassassin/v320.pre, then in your local.cf:
priority ALL_TRUSTED -2000
shortcircuit ALL_TRUSTED on
Note: make absolutely sure that trusted_networks is set properly before
doing something like this. Because it will make SA abort all of its
scanning on any message that has only been touched by hosts in
trusted_networks.