RE: RE: How to extract the Reverse DNS hostname by script means?

2006-12-05 Thread Leon Kolchinsky 
It’s been discussed on Amavisd-new list.

Look here for more info: http://marc.theaimsgroup.com/?t=116483411500019r=1w=2

 



From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Thursday, November 30, 2006 4:40 PM
To: לאון קולצ'ינסקי; users@spamassassin.apache.org
Subject: RE: RE: How to extract the Reverse DNS hostname by script means?

 


Hello! 

Leon Kolchinsky [EMAIL PROTECTED] wrote on 19.11.2006 09:28:14:

 Hi Bret,
 
 According to tip from Gary V. you can reliably use whitelist_from_rcvd,
 You only should configure the following parameters right:
 
 trusted_networks 
 internal_networks 
 
 
 
 Best Regards,
 Leon Kolchinsky
 
...

 SpamAssassin will be testing the whitelist_from_rcvd against the topmost
 (final) received header when SA runs, so that's the one you need to look
 at. 
... 

Well, does SA really check *only* topmost header? I've found that 
whitelist_from_rcvd works only if e-mail has *only one* received: header that 
fits with corresponding whitelist_from_rcvd record. If there are some 
additional untrusted received: headers in e-mail then whitelisting fails 
for me... 

Here is my configuration. 

my_server1.my_domain1.com is our SMTP server with Exim + SpamAssassin 
installed. 

my_server.my_domain.com acts as a relay for the first server (it can send both 
it's own mail and external mail to my_server1.my_domain1.com). 
my_server.my_domain.com is added in trusted_networks. 

For example, I have the following record in my local.cf: 

whitelist_from_rcvd [EMAIL PROTECTED] my_domain.com. 


E-mail with the following *two* received: headers will not be whitelisted 
while with the *first* only will be: 

Received: from my_server.my_domain.com ([XXX.XXX.XXX.XXX]) 
by my_server1.my_domain1.com with esmtp (Exim 4.63) 
(envelope-from [EMAIL PROTECTED]) 
id 1Gpcaa-0003ZF-Ti 
for [EMAIL PROTECTED]; Thu, 30 Nov 2006 06:27:57 +0300 
Received: from alien_server.alien_domain.com ([YYY.YYY.YYY.YYY]) 
by my_server.my_domain.com (8.13.6/8.13.4) with SMTP id kAU3ROA5001821 
for [EMAIL PROTECTED]; Thu, 30 Nov 2006 06:27:50 +0300 (MSK) 
(envelope-from [EMAIL PROTECTED]) 


So, Am I missing something? Thanx in advance. 

Vitaly.

RE: RE: How to extract the Reverse DNS hostname by script means?

2006-11-30 Thread vitas1 
Hello!

Leon Kolchinsky [EMAIL PROTECTED] wrote on 19.11.2006 
09:28:14:

 Hi Bret,
 
 According to tip from Gary V. you can reliably use whitelist_from_rcvd,
 You only should configure the following parameters right:
 
 trusted_networks 
 internal_networks 
 
 
 
 Best Regards,
 Leon Kolchinsky
 
...

 SpamAssassin will be testing the whitelist_from_rcvd against the topmost
 (final) received header when SA runs, so that's the one you need to look
 at. 
...

Well, does SA really check *only* topmost header? I've found that 
whitelist_from_rcvd works only if e-mail has *only one* received: header 
that fits with corresponding whitelist_from_rcvd record. If there are some 
additional untrusted received: headers in e-mail then whitelisting 
fails for me...

Here is my configuration.

my_server1.my_domain1.com is our SMTP server with Exim + SpamAssassin 
installed.

my_server.my_domain.com acts as a relay for the first server (it can send 
both it's own mail and external mail to my_server1.my_domain1.com). 
my_server.my_domain.com is added in trusted_networks.

For example, I have the following record in my local.cf:

whitelist_from_rcvd [EMAIL PROTECTED] my_domain.com.


E-mail with the following *two* received: headers will not be 
whitelisted while with the *first* only will be:

Received: from my_server.my_domain.com ([XXX.XXX.XXX.XXX])
by my_server1.my_domain1.com with esmtp (Exim 4.63)
(envelope-from [EMAIL PROTECTED])
id 1Gpcaa-0003ZF-Ti
for [EMAIL PROTECTED]; Thu, 30 Nov 2006 06:27:57 +0300
Received: from alien_server.alien_domain.com ([YYY.YYY.YYY.YYY])
by my_server.my_domain.com (8.13.6/8.13.4) with SMTP id 
kAU3ROA5001821
for [EMAIL PROTECTED]; Thu, 30 Nov 2006 06:27:50 +0300 
(MSK)
(envelope-from [EMAIL PROTECTED])


So, Am I missing something? Thanx in advance.

Vitaly.