On Sep 23, 2007, at 5:17 PM, Michael Scheidell wrote:
> Anyone have an answer that isn't obvious?
> I already said I can't put it on the proxy.
No, you didn't. You mentioned that as an option.
And stop being rude to people who answer the question you asked.
--
Jo Rhett
Net Consonance : conson
Michael Scheidell writes,
> (oh, turn off Cisco's smtp mail fixup was another thing I found when
> dealing with odd ball setups)
For the archive (someone might find it useful), a link to Ralf's page:
http://arschkrebs.de/postfix/postfix_cisco_pix_bugs.shtml
Mark
--
Michael,
> I tried. That was my first suggestion. That would fix graylisting
> (which I don't do), fix SPF an SPF HELO, and SENDER ID, blacklisting,
> tarpitting, etc.
SPF, sid, blacklisting etc. work just fine on an internal host as long
as the proxy is preserving the information about the cli
> -Original Message-
> From: David B Funk [mailto:[EMAIL PROTECTED]
> Sent: Monday, September 24, 2007 12:07 AM
> To: Michael Scheidell
> Cc: [EMAIL PROTECTED]; Amavis-Users
> Subject: RE: Q about mail proxy servers and setups
>
>
> On Sun, 23 Sep 2007, Michael Scheidell wrote:
>
> > Fo
Thanks, I hadn't thought about the backscatter problem.
If there is a proxy involved, then they HAVE to set (in amavisd) all
final destinations as 'DISCARD' and not BOUNCE.
I also think I will try to look at adding it to trusted networks in SA,
but excluding it from the internal networks in amav
Anyone have an answer that isn't obvious?
I already said I can't put it on the proxy.
--
Michael Scheidell, CTO
Office: 561-999-5000 x 1259
Direct: 561-939-7259
Real time security alerts: http://www.secnap.com/news
_
This em
On Sun, Sep 23, 2007 at 01:50:43PM -0400, Michael Scheidell wrote:
> Sometimes a large company will have a proxy server set up in the DMZ and
> then send it to their internal mail server.
...
> #1, SPF. SPF helo, SENDERID
> The proxy will be adding a received header, and announcing 'HELO/EHLO'
>
Every problem you've named here is solved by putting Amavis/SA on the
proxy instead of the internal system.
If the proxy doesn't do the spam-checking, and the internal system does
I can name a dozen other problems that will occur, the most important of
which will be backscatter. 2-step relay w
On Sun, Sep 23, 2007 at 01:50:43PM -0400, Michael Scheidell wrote:
[Please post to one list only. Since I'm not subscribed to
spamasassin-users, I removed that list]
> Sometimes a large company will have a proxy server set up in the DMZ and
> then send it to their internal mail server.
> I unders
Sometimes a large company will have a proxy server set up in the DMZ and
then send it to their internal mail server.
I understand that ideally, the proxy server would be replaces with a
SpamAssassin/MTA setup.
However, sometimes, client, security and company policy needs outweigh
logic.
I can thin
10 matches
Mail list logo
