On 2021-12-01 at 07:01:40 UTC-0500 (Wed, 1 Dec 2021 13:01:40 +0100) Matus UHLAR - fantomas <uh...@fantomas.sk> is rumored to have said:
> On 01.12.21 11:25, Matus UHLAR - fantomas wrote: >> hoping that adding sending IP Address to X-Originating-IP: header will help >> me fight against spam posted via webmail it seems I caused more problems >> than it was supposed to solve. >> >> mail sent from external IP 192.0.2.1 via webmail on 192.168.0.10, then pushed >> to SMTP server 192.168.0.10 (authenticated). > > this line is configured in (debian system): > > /etc/roundcube/plugins/additional_message_headers/config.inc.php > > $config['additional_message_headers']['X-Originating-IP'] = '[' . > $_SERVER['REMOTE_ADDR'] .']'; > > I see that adding mailserver local IP (192.168.0.10) to msa_networks will > hide the remote IP if the local IP is trusted/internal. That's why the *_networks config parameters exist: so that it is possible for SA to figure out which which recorded transit hop to both trust as accurately recorded and to interpret as a transfer from a potentially hostile sender. Is there some reason you would not want 192.168.0.10 in msa_networks? -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire