You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by "Brian C. Hill" <bc...@bch.net> on 2007/06/07 04:32:25 UTC

SMTP AUTH problem/question

	I have read the documentation over and over again and
must be missing something. It seems to me that the default
behavior is to give everything that has been through SMTP AUTH
a high negative score, and that I shouldn't have to configure
anything. It isn't working, though. My users don't connect from
trusted networks, which is why they have to SMTP AUTH to relay
mail through my system.

	Am I missing something? Will that high negative score
only be applied to SMTP AUTH from trusted nets?

Brian

Re: SMTP AUTH problem/question

Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.

Brian C. Hill wrote:
> 	I have read the documentation over and over again and
> must be missing something. It seems to me that the default
> behavior is to give everything that has been through SMTP AUTH
> a high negative score, and that I shouldn't have to configure
> anything. It isn't working, though. My users don't connect from
> trusted networks, which is why they have to SMTP AUTH to relay
> mail through my system.
> 
> 	Am I missing something? Will that high negative score
> only be applied to SMTP AUTH from trusted nets?

A few things:

  - there must be an indication of auth taking place in the Received
    header for that relay in order to have trust extended to that relay

  - any relays after/above that relay must also be trusted

  - if you want ALL_TRUSTED to fire, all relays before/below the auth'd
    relay (if any are present) must either be (i) trusted, (ii) RFC 1918
    addresses, or (iii) also auth'd


Daryl