On 10.10.11 13:14, Tomas Macek wrote:
OK, this should be good:
trusted_networks 213.0.0.5 213.0.0.10 # primary mx IP and backup mx IP
internal_networks 213.0.0.5 # only the IP of primary mx
Right?
No. All the backup MX servers must be in internal_networks too
I
On Mon, 10 Oct 2011 13:14:21 +0200 (CEST), Tomas Macek wrote:
OK, this should be good:
trusted_networks 213.0.0.5 213.0.0.10 # primary mx IP and backup
mx IP
internal_networks 213.0.0.5 # only the IP of primary mx
Right?
On 10.10.11 16:40, Benny Pedersen wrote:
backup is
On Tue, 11 Oct 2011 07:37:53 +0200 (CEST), Tomas Macek wrote:
[snip]
No, there is not ALL_TRUSTED in the headers. I'm sorry, I did not
write here the rules that matched the message, so here it is:
X-Spam-Status: Yes, score=5.988 tagged_above=3 required=5
tests=[DOS_OE_TO_MX=3.086,
I'm using SpamAssassin 3.3.1 together with Amavis 2.6.4 on one server with
Postfix. All our customers have public static IP addresses on their PC's
213.x.x.x/y. We use only one mailserver with one public IP address from
the 213.x.x.x/y range mentioned earlier for both the incoming and outgoing
On Mon, 10 Oct 2011 12:19:56 +0200 (CEST), Tomas Macek wrote:
I suggest something like this:
trusted_networks 213.x.x.x/y # all our public ip addresses range
internal_networks 213.0.0.5 # let's say that's our mailserver's IP
the above should only list all the mailserver(s) you have as isp,
On Mon, 10 Oct 2011, Benny Pedersen wrote:
On Mon, 10 Oct 2011 12:19:56 +0200 (CEST), Tomas Macek wrote:
I suggest something like this:
trusted_networks 213.x.x.x/y # all our public ip addresses range
internal_networks 213.0.0.5 # let's say that's our mailserver's IP
the above should only
On Oct 10, 2011, at 1:14 PM, Tomas Macek wrote:
hope that helps, if not post sample on pastebin, and just mangle sender
donain with example.org
But there is still the question what bad happened when DOS_OE_TO_MX matched
the message?
The client sent the mail from internal network
On Mon, 10 Oct 2011 13:14:21 +0200 (CEST), Tomas Macek wrote:
On Mon, 10 Oct 2011, Benny Pedersen wrote:
On Mon, 10 Oct 2011 12:19:56 +0200 (CEST), Tomas Macek wrote:
I suggest something like this:
trusted_networks 213.x.x.x/y # all our public ip addresses range
internal_networks 213.0.0.5 #
On Mon, 10 Oct 2011, Benny Pedersen wrote:
On Mon, 10 Oct 2011 13:14:21 +0200 (CEST), Tomas Macek wrote:
On Mon, 10 Oct 2011, Benny Pedersen wrote:
On Mon, 10 Oct 2011 12:19:56 +0200 (CEST), Tomas Macek wrote:
I suggest something like this:
trusted_networks 213.x.x.x/y # all our public ip