On Thu, July 30, 2009 16:46, Sebastian Wiesinger wrote: > * Matus UHLAR - fantomas <uh...@fantomas.sk> [2009-07-30 16:35]: >> On 30.07.09 14:03, Sebastian Wiesinger wrote: >> > I was under the impression that whitelist_from_rcvd checks if the >> > reverse lookup is forged. But still with the following rule >> > >> > whitelist_from_rcvd *...@alita.karotte.org localhost >> > >> > the attached mail is whitelisted because 220.231.127.15 resolves to >> > localhost. Am I doing something wrong or is this a bug? >> >> a bug apparently. >> >> However, the >> >> whitelist_from_rcvd *...@alita.karotte.org localhost >> >> should never work, because it works at network boundary, while localhost >> should always be in your networks (trusted and internal too) > > It does work for me. Every mail from the local server gets > whitelisted. > > So how can I whitelist mails which come from the server where my > SpamAssassin is running? I have the problem that I get logfiles which > sometimes contain spam URLS and such things. I don't want this to be > scored as spam. whitelist_from_rcvd did seem to do the trick except > for this bug.
http://old.openspf.org/wizard.html?mydomain=ml.karotte.org&submit=Go! http://old.openspf.org/wizard.html?mydomain=karotte.org go -all when all is ok and use pypolicyd-spf from this site on mta, remember to whitelist ip that is known to you as a forwarder in pypolicyd-spf in sa remove whitelist_from_rcvd change score for user_in_whitelist to not be just -100, it is bad used mostly, and there is better ways to make sure you dont get forged emails and add all your own wan ip to trusted_networks reduce the spf problems some says are there the above mail you posted have spf_fail, why did you accept it in mta ? -- xpoint