>> Set up SMTP AUTH and require your users to log in to send email. If I >> understand correctly Spamassassin automatically trusts mails sent via >> SMTP AUTH.
> Thanks for the response. SMTP auth is set up so there must be something I need to do to tell SA that it was auth'd. > Any ideas? > Thanks, > Tom I found out about it at the link below and had to add a config option to my postfix I think to get it to add the appropriate info in the headers (documented in the page below). http://wiki.apache.org/spamassassin/DynablockIssues If you're using postfix, the parameter is "smtpd_sasl_authenticated_header = yes" which makes your received headers contain info like: Received: from host.example.com (dyna-IP-AD-DRE-SS.example.com [IP.AD.DRE.SS]) (Authenticated sender: [EMAIL PROTECTED]) by mail.example.org (Postfix) with ESMTP id 6A3922B22E0; Tue, 12 Dec 2006 15:24:46 -0500 (EST) Spamassassin picks up on the "Authenticated sender:" portion of this line and "trusts" the sender. CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. SPAM-FREE 1.0(2476)