Re: whitelist_from ip_range
On Thu, April 19, 2007 21:20, Philip Prindeville wrote: > Given the number of ISP's that don't have rDNS configured, i reject them, atleast spf can help them > whitelist_from_rcvd should probably be extended to support > IP/CIDR addresses as well... why not spf ? > Let's not overload the meanings of trusted_networks and > internal_networks. These latter two are already confusing > enough for most newbies without having them take on > additional unintended meanings. there can be better ways of deailing with it yes, so far i have not seen side effects of managed trusted_networks and or internal_networks that works -- This message was sent using 100% recycled spam mails.
Re: whitelist_from ip_range
Benny Pedersen wrote: > On Tue, April 17, 2007 01:57, Duane Hill wrote: > > >> http://wiki.apache.org/spamassassin/TrustPath >> > > to me a bit hardcore to read, but it have all ip that is known forwards mails > to me as trusted_networks even if its still not my servers, and have maked the > complete rfc1918 in trusted_networks and internal_networks added to this i > have my own wan ip's in both > > should be it :-) > > trusted_networks 10.0.0.0/8 > trusted_networks 172.16.0.0/12 > trusted_networks 192.168.0.0/16 > trusted_networks 127.0.0.0/8 > > internal_networks 10.0.0.0/8 > internal_networks 172.16.0.0/12 > internal_networks 192.168.0.0/16 > internal_networks 127.0.0.0/8 > > and last my wan ips as trusted_networks and internal_networks > > after this all known forward ips as trusted_networks > Given the number of ISP's that don't have rDNS configured, whitelist_from_rcvd should probably be extended to support IP/CIDR addresses as well... Let's not overload the meanings of trusted_networks and internal_networks. These latter two are already confusing enough for most newbies without having them take on additional unintended meanings. -Philip
Re: whitelist_from ip_range
On Tue, April 17, 2007 01:26, Kelson wrote: > That won't do what you think. trusted_networks is for IPs that you > trust to provide honest header information, not IPs that you trust not > to send spam. correct, all my known forwarders pass spam when user want to have it forwarded -- This message was sent using 100% recycled spam mails.
Re: whitelist_from ip_range
On Tue, April 17, 2007 01:57, Duane Hill wrote: > http://wiki.apache.org/spamassassin/TrustPath to me a bit hardcore to read, but it have all ip that is known forwards mails to me as trusted_networks even if its still not my servers, and have maked the complete rfc1918 in trusted_networks and internal_networks added to this i have my own wan ip's in both should be it :-) trusted_networks 10.0.0.0/8 trusted_networks 172.16.0.0/12 trusted_networks 192.168.0.0/16 trusted_networks 127.0.0.0/8 internal_networks 10.0.0.0/8 internal_networks 172.16.0.0/12 internal_networks 192.168.0.0/16 internal_networks 127.0.0.0/8 and last my wan ips as trusted_networks and internal_networks after this all known forward ips as trusted_networks -- This message was sent using 100% recycled spam mails.
Re: whitelist_from ip_range
On Mon, 16 Apr 2007, Kelson wrote: Benny Pedersen wrote: On Sat, April 14, 2007 10:31, Wael Shahin wrote: whitelist_from 172.16.0.0/16 trusted_networks 172.16.0.0/16 whitelist_from is for email not for ip :-) That won't do what you think. trusted_networks is for IPs that you trust to provide honest header information, not IPs that you trust not to send spam. A more concise definition from the wiki: http://wiki.apache.org/spamassassin/TrustPath Trusted Networks Generally you want trusted_networks set to contain all the mailservers you control that add Received: headers, and nothing else. Internal Networks Set 'internal_networks' to include the hosts that act as MX for your domains, or that may deliver mail internally in your organisation. Set 'trusted_networks' to include the same hosts and networks as 'internal_networks', with the addition of some hosts that are external to your organisation which you trust to not be under the control of spammers. For example, very high-volume mail relays at other ISPs, or mailing list servers. Note that it doesn't matter if the server relays spam to you from other hosts; that still means you trust the server not to originate spam, which is what 'trusted_networks' specifies.
Re: whitelist_from ip_range
Benny Pedersen wrote: On Sat, April 14, 2007 10:31, Wael Shahin wrote: whitelist_from 172.16.0.0/16 trusted_networks 172.16.0.0/16 whitelist_from is for email not for ip :-) That won't do what you think. trusted_networks is for IPs that you trust to provide honest header information, not IPs that you trust not to send spam. -- Kelson Vibber SpeedGate Communications
Re: whitelist_from ip_range
Opps, looks like i totally messed up thaks Benny - Original Message - From: "Benny Pedersen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, April 14, 2007 1:17 PM Subject: Re: whitelist_from ip_range On Sat, April 14, 2007 10:31, Wael Shahin wrote: whitelist_from 172.16.0.0/16 trusted_networks 172.16.0.0/16 whitelist_from is for email not for ip :-) -- This message was sent using 100% recycled spam mails.
Re: whitelist_from ip_range
On Sat, April 14, 2007 10:31, Wael Shahin wrote: > whitelist_from 172.16.0.0/16 trusted_networks 172.16.0.0/16 whitelist_from is for email not for ip :-) -- This message was sent using 100% recycled spam mails.
whitelist_from ip_range
Hello, I was not lucky to get information about how to whitelist IP Range should it be something like whitelist_from 172.16. or whitelist_from 172.16.0.0-172.16.255.255 or whitelist_from 172.16.0.0/16 thank you