On Fri, 1 Jun 2007, Martin Hochreiter wrote: > I have the following option in the local.cf > > header LOCAL_RCVD Received =~ /\S+\.rk-lilienfeld\.at\s+\(.*\[.*\]\)/ > score LOCAL_RCVD -500 > > How can I ensure that at least mails from our local clients are > automatically whitelisted?
(1) As was said earlier, but in greater detail: tell your MTA to look at the SMTP client's IP address, and trust (do not give to SA) any mail where the client IP address is in your local network(s) (this is the best solution), or (2) Modify the above to check your local network IP range(s), and include your MTA name as well. For example: Received =~ from .* \[192\.168\.100\.\d+\].* by ga\.impsec\.org (where ga.impsec.org is my MTA and 192.168.100.x is my local network) In order to bypass this a forger would need to know both your MTA's system name and your local network IP range(s). -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- In 1998 more than three times as many people in the US were killed by incompetent physicians than were killed by handguns, yet the President of the A.M.A. is adopting "gun safety" as his platform. ----------------------------------------------------------------------- 522 days until the Presidential Election
