Matthias, >> Now I added IPs to trusted_networks and that causes another problem: The >> trusted_network IPs are in the DNSWL and therefore get a positive bonus >> from SA. > > Hm, somehow I can't follow what you're trying to do. Can you post the > relevant parts of your configuration?
Sure: > header RCVD_IN_DNSWL X-DNS-Whitelist =~ /^none/ > score RCVD_IN_DNSWL -0.1 > describe RCVD_IN_DNSWL Sender listed at http://www.dnswl.org/, no trust > > header RCVD_IN_DNSWL_LOW X-DNS-Whitelist =~ /^low/ > score RCVD_IN_DNSWL_LOW -1 > describe RCVD_IN_DNSWL_LOW Sender listed at http://www.dnswl.org/, low > trust > > header RCVD_IN_DNSWL_MED X-DNS-Whitelist =~ /^med/ > score RCVD_IN_DNSWL_MED -4 > describe RCVD_IN_DNSWL_MED Sender listed at http://www.dnswl.org/, medium > trust > > header RCVD_IN_DNSWL_HI X-DNS-Whitelist =~ /^hi/ > score RCVD_IN_DNSWL_HI -8 > describe RCVD_IN_DNSWL_HI Sender listed at http://www.dnswl.org/, high > trust > > header RCVD_IN_DNSWL_NO X-DNS-Whitelist =~ /^No$/ > score RCVD_IN_DNSWL_NO 0.1 > describe RCVD_IN_DNSWL_NO Sender *not* listed at http://www.dnswl.org/ > > # web.de > trusted_networks 217.72.192. What now happens is the following: 1) I get an mail (from a server within the trusted_networks range). 2) Postfix adds the X-DNS-Whitelist header for this server. 3) SpamAssassin gets the mail and checks it. 3a) SpamAssassin notes that the mail has been handled by a server from the trusted_networks range before. 3b) Therefore SpamAssassin applies all tests to the server one more hop away. 3c) SpamAssassin does not know that the X-DNS-Whitelist entry does not belong the the server within the trusted_networks range and therefore applies a bonus score on the mail. 4) The mail does not get ranked as spam due to the bonus spam. 5) I get spam. If it is not possible to make something like an if statement preventing this from happening, I would be happy about some information on how to integrate dnswl.org into SpamAssassin. Thanks, Lars
