Re: ALL_TRUSTED - problem (yes I set trusted_networks already)
peter pilsl wrote: Our mailserver is behind a NAT-firewall (port 25 is passed through to the internal mailserver) and I ran into the ALL_TRUSTED-problem. I looked up the FAQ and set trusted_networks 127.0.0.1 (which actually gives me a warning that 127.0.0.1 is already part of trusted_networks) Unless you have a martian setup, 127.0.0.1 does not receive mail from outside. The IP you receive mail on should be added to tusted_networks: trusted_networks 62.99.149.138 Nevertheless spamassassin ALL_TRUSTED kicks in. example below. The exact setup here is: The firewall/router has a public IP to the outside and the mailserver is with a private ip in the inside. Only port 25 is forwarded from the firewall directely to the mailserver, which also greets with the name of the public IP. I guess this is why trusted-networks kicks in somehow? or is it the the line Received from phoenix.local by phoenix.local via LMTPA ?? do you run SA from cyrus? if not, that header is not present when SA scans the message. thnx for any advice, peter example: Return-Path: [EMAIL PROTECTED] Received: from phoenix.local (localhost [127.0.0.1]) by phoenix.local (Cyrus v2.3.11) with LMTPA; Fri, 28 Mar 2008 14:06:03 +0100 X-Sieve: CMU Sieve 2.3 Received: from goldfisch.at (goldfisch.at [62.99.149.138]) by mail.mydomain.at (8.14.2/8.12.1) with ESMTP id m2SD5u09014687 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for [EMAIL PROTECTED]; Fri, 28 Mar 2008 14:05:57 +0100 Received: from goldfisch.at (localhost.localdomain [127.0.0.1]) by goldfisch.at (8.12.10/8.12.1) with ESMTP id m2SD5oXZ016410 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for [EMAIL PROTECTED]; Fri, 28 Mar 2008 14:05:50 +0100 Received: (from [EMAIL PROTECTED]) by goldfisch.at (8.12.10/8.12.1/Submit) id m2SD5orN016407 for [EMAIL PROTECTED]; Fri, 28 Mar 2008 14:05:50 +0100 X-Authentication-Warning: goldfisch.at: httpd139 set sender to [EMAIL PROTECTED] using -f Received: from mail.mydomain.at (mail.mydomain.at [83.64.203.74]) by www.goldfisch.at (Horde Framework) with HTTP; Fri, 28 Mar 2008 14:05:50 +0100 Message-ID: [EMAIL PROTECTED] Date: Fri, 28 Mar 2008 14:05:50 +0100 From: peter pilsl [EMAIL PROTECTED] To: peter.pilsl peter.pilsl [EMAIL PROTECTED] Subject: maid MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; DelSp=Yes; format=flowed Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.2-RC1) X-Spam-Goldfisch-Score: -1.44 X-Spam-Flag: NO X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on phoenix.local X-Spam-Status: No, score=-1.4 required=3.5 tests=ALL_TRUSTED autolearn=ham version=3.2.3 X-Spam-Report: * -1.4 ALL_TRUSTED Passed through trusted hosts only via SMTP
ALL_TRUSTED - problem (yes I set trusted_networks already)
Our mailserver is behind a NAT-firewall (port 25 is passed through to the internal mailserver) and I ran into the ALL_TRUSTED-problem. I looked up the FAQ and set trusted_networks 127.0.0.1 (which actually gives me a warning that 127.0.0.1 is already part of trusted_networks) Nevertheless spamassassin ALL_TRUSTED kicks in. example below. The exact setup here is: The firewall/router has a public IP to the outside and the mailserver is with a private ip in the inside. Only port 25 is forwarded from the firewall directely to the mailserver, which also greets with the name of the public IP. I guess this is why trusted-networks kicks in somehow? or is it the the line Received from phoenix.local by phoenix.local via LMTPA ?? thnx for any advice, peter example: Return-Path: [EMAIL PROTECTED] Received: from phoenix.local (localhost [127.0.0.1]) by phoenix.local (Cyrus v2.3.11) with LMTPA; Fri, 28 Mar 2008 14:06:03 +0100 X-Sieve: CMU Sieve 2.3 Received: from goldfisch.at (goldfisch.at [62.99.149.138]) by mail.mydomain.at (8.14.2/8.12.1) with ESMTP id m2SD5u09014687 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for [EMAIL PROTECTED]; Fri, 28 Mar 2008 14:05:57 +0100 Received: from goldfisch.at (localhost.localdomain [127.0.0.1]) by goldfisch.at (8.12.10/8.12.1) with ESMTP id m2SD5oXZ016410 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for [EMAIL PROTECTED]; Fri, 28 Mar 2008 14:05:50 +0100 Received: (from [EMAIL PROTECTED]) by goldfisch.at (8.12.10/8.12.1/Submit) id m2SD5orN016407 for [EMAIL PROTECTED]; Fri, 28 Mar 2008 14:05:50 +0100 X-Authentication-Warning: goldfisch.at: httpd139 set sender to [EMAIL PROTECTED] using -f Received: from mail.mydomain.at (mail.mydomain.at [83.64.203.74]) by www.goldfisch.at (Horde Framework) with HTTP; Fri, 28 Mar 2008 14:05:50 +0100 Message-ID: [EMAIL PROTECTED] Date: Fri, 28 Mar 2008 14:05:50 +0100 From: peter pilsl [EMAIL PROTECTED] To: peter.pilsl peter.pilsl [EMAIL PROTECTED] Subject: maid MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; DelSp=Yes; format=flowed Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.2-RC1) X-Spam-Goldfisch-Score: -1.44 X-Spam-Flag: NO X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on phoenix.local X-Spam-Status: No, score=-1.4 required=3.5 tests=ALL_TRUSTED autolearn=ham version=3.2.3 X-Spam-Report: * -1.4 ALL_TRUSTED Passed through trusted hosts only via SMTP
RE: ALL_TRUSTED - problem (yes I set trusted_networks already)
peter pilsl wrote: Our mailserver is behind a NAT-firewall (port 25 is passed through to the internal mailserver) and I ran into the ALL_TRUSTED-problem. I looked up the FAQ and set trusted_networks 127.0.0.1 (which actually gives me a warning that 127.0.0.1 is already part of trusted_networks) Nevertheless spamassassin ALL_TRUSTED kicks in. example below. The exact setup here is: The firewall/router has a public IP to the outside and the mailserver is with a private ip in the inside. Only port 25 is forwarded from the firewall directely to the mailserver, which also greets with the name of the public IP. I guess this is why trusted-networks kicks in somehow? or is it the the line Received from phoenix.local by phoenix.local via LMTPA ?? I could be wrong here, but I think trying to set trusted_networks to 127.0.0.1 is treated the same as not setting it at all. You really need to trust your own mail server for sanity's sake. Try setting trusted_networks to both the internal and external IP's of the mailserver. -- Bowie
Re: ALL_TRUSTED - problem (yes I set trusted_networks already)
On 28.03.08 14:26, peter pilsl wrote: Our mailserver is behind a NAT-firewall (port 25 is passed through to the internal mailserver) and I ran into the ALL_TRUSTED-problem. I looked up the FAQ and set trusted_networks 127.0.0.1 (which actually gives me a warning that 127.0.0.1 is already part of trusted_networks) Nevertheless spamassassin ALL_TRUSTED kicks in. are you sure it's the only trusted_networks setting on your server? try clear_trusted_networks and check both personal and site-wide configs. (127/8 is always in trusted_networks, so you don't need to ses it up) do you have internal_networks and msa_networks set? -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Your mouse has moved. Windows NT will now restart for changes to take to take effect. [OK]