You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Leon Kolchinsky <lk...@univ.haifa.ac.il> on 2006/12/05 13:04:04 UTC

RE: RE: How to extract the Reverse DNS hostname by script means?

It’s been discussed on Amavisd-new list.

Look here for more info: http://marc.theaimsgroup.com/?t=116483411500019&r=1&w=2

 

________________________________

From: vitas1@itera.ru [mailto:vitas1@itera.ru] 
Sent: Thursday, November 30, 2006 4:40 PM
To: לאון קולצ'ינסקי; users@spamassassin.apache.org
Subject: RE: RE: How to extract the Reverse DNS hostname by script means?

 


Hello! 

"Leon Kolchinsky" <lk...@univ.haifa.ac.il> wrote on 19.11.2006 09:28:14:

> Hi Bret,
> 
> According to tip from Gary V. you can reliably use whitelist_from_rcvd,
> You only should configure the following parameters right:
> 
> trusted_networks 
> internal_networks 
> 
> 
> 
> Best Regards,
> Leon Kolchinsky
> 
...

> SpamAssassin will be testing the whitelist_from_rcvd against the topmost
> (final) received header when SA runs, so that's the one you need to look
> at. 
... 

Well, does SA really check *only* topmost header? I've found that whitelist_from_rcvd works only if e-mail has *only one* "received:" header that fits with corresponding whitelist_from_rcvd record. If there are some additional "untrusted" "received:" headers in e-mail then whitelisting fails for me... 

Here is my configuration. 

my_server1.my_domain1.com is our SMTP server with Exim + SpamAssassin installed. 

my_server.my_domain.com acts as a relay for the first server (it can send both it's own mail and external mail to my_server1.my_domain1.com). my_server.my_domain.com is added in trusted_networks. 

For example, I have the following record in my local.cf: 

whitelist_from_rcvd abc@hotmail.com my_domain.com. 


E-mail with the following *two* "received:" headers will not be whitelisted while with the *first* only will be: 

Received: from my_server.my_domain.com ([XXX.XXX.XXX.XXX]) 
        by my_server1.my_domain1.com with esmtp (Exim 4.63) 
        (envelope-from <ab...@hotmail.com>) 
        id 1Gpcaa-0003ZF-Ti 
        for def@my_domain1.com; Thu, 30 Nov 2006 06:27:57 +0300 
Received: from alien_server.alien_domain.com ([YYY.YYY.YYY.YYY]) 
        by my_server.my_domain.com (8.13.6/8.13.4) with SMTP id kAU3ROA5001821 
        for <po...@myserver.mydomain.com>; Thu, 30 Nov 2006 06:27:50 +0300 (MSK) 
        (envelope-from abc@other_domain.com) 


So, Am I missing something? Thanx in advance. 

Vitaly.