> My test mails from MTA0 went through MTA1, MTA2, and MTA1 again > and back to MTA0. MTA1 and MTA2 are configured to use service of amavisd. > Amavisd received them 3 times. I expected that effective scan > will be done at first time only because when MTAs receive message > from each other the partner's address will be found in > @client_ipaddr_policy. However the result is: scan, scan, no scan. > That is quite strange. > > Rough log entries: > > ...Passed CLEAN [IPv6:<MTA0_IPV6>] [IPv6:<MTA0_IPV6>] <My address> -> > <Mailing list address>, ..., Hits: -3.107,... 3027 ms > > ...Passed CLEAN, NO_DSN [<MTA1_IPV6>] [IPv6:<MTA0_IPV6>] <My address> -> > <Mailing list address>, ..., Hits: -1.307,... 2325 ms > > ...Passed CLEAN, TRUSTED [IPv6:MTA2_IPv6] [IPv6:<MTA0_IPV6>] <List-bounce > address> -> <My address>, ..., Hits: -,... 199 ms
My theory is the following: MTA2 does _not_ pass address of MTA1 via XFORWARD because it is an Exim. Therefore amavisd "has no idea officially" about who sent the mail to MTA2. The address in second log entry probably comes from 'Received' header or other unreliable source. (That is confusing a bit...) So policy bank based on client address is ineffective. Gabor ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user Please visit http://www.ijs.si/software/amavisd/ regularly For administrativa requests please send email to rainer at openantivirus dot org