You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Leon Kolchinsky <lk...@univ.haifa.ac.il> on 2006/12/05 13:04:04 UTC
RE: RE: How to extract the Reverse DNS hostname by script means?
It’s been discussed on Amavisd-new list.
Look here for more info: http://marc.theaimsgroup.com/?t=116483411500019&r=1&w=2
________________________________
From: vitas1@itera.ru [mailto:vitas1@itera.ru]
Sent: Thursday, November 30, 2006 4:40 PM
To: לאון קולצ'ינסקי; users@spamassassin.apache.org
Subject: RE: RE: How to extract the Reverse DNS hostname by script means?
Hello!
"Leon Kolchinsky" <lk...@univ.haifa.ac.il> wrote on 19.11.2006 09:28:14:
> Hi Bret,
>
> According to tip from Gary V. you can reliably use whitelist_from_rcvd,
> You only should configure the following parameters right:
>
> trusted_networks
> internal_networks
>
>
>
> Best Regards,
> Leon Kolchinsky
>
...
> SpamAssassin will be testing the whitelist_from_rcvd against the topmost
> (final) received header when SA runs, so that's the one you need to look
> at.
...
Well, does SA really check *only* topmost header? I've found that whitelist_from_rcvd works only if e-mail has *only one* "received:" header that fits with corresponding whitelist_from_rcvd record. If there are some additional "untrusted" "received:" headers in e-mail then whitelisting fails for me...
Here is my configuration.
my_server1.my_domain1.com is our SMTP server with Exim + SpamAssassin installed.
my_server.my_domain.com acts as a relay for the first server (it can send both it's own mail and external mail to my_server1.my_domain1.com). my_server.my_domain.com is added in trusted_networks.
For example, I have the following record in my local.cf:
whitelist_from_rcvd abc@hotmail.com my_domain.com.
E-mail with the following *two* "received:" headers will not be whitelisted while with the *first* only will be:
Received: from my_server.my_domain.com ([XXX.XXX.XXX.XXX])
by my_server1.my_domain1.com with esmtp (Exim 4.63)
(envelope-from <ab...@hotmail.com>)
id 1Gpcaa-0003ZF-Ti
for def@my_domain1.com; Thu, 30 Nov 2006 06:27:57 +0300
Received: from alien_server.alien_domain.com ([YYY.YYY.YYY.YYY])
by my_server.my_domain.com (8.13.6/8.13.4) with SMTP id kAU3ROA5001821
for <po...@myserver.mydomain.com>; Thu, 30 Nov 2006 06:27:50 +0300 (MSK)
(envelope-from abc@other_domain.com)
So, Am I missing something? Thanx in advance.
Vitaly.