On Wed, 2010-06-09 at 01:51 -0400, Louis Guillaume wrote: > Recently I've had a lot of reports of returned mail from authenticated > users. The messages are being bounced on the way out.
You forgot to provide the reason (SA rules hit) for the messages being scored above the threshold. We absolutely need them to help you. Anyway, if they are really properly authenticated, they should trigger ALL_TRUSTED and hardly anything else. The sparse information given hints, this either is a mis-configuration, or your users are really sending spam. > I understand that SA checks outbound messages, but I have discovered two > things, one of them rather disturbing: > > 1. I cannot find a way to simply trust authenticated users' > messages. I would like to whitelist all messages that are > sent by authenticated users. Yes I understand that a > compromised user account can be a problem for me, but I > need this as a starting point. Is there a way? Just do not pass outgoing messages by authenticated users to SA. The ultimate trust. This is a configuration issue with your MTA, which should simply bypass SA. > OS: NetBSD-5 > sendmail-8.14.4 > spamassassin-3.3.1 > spamass-milter-0.3.1 Is that vanilla upstream spamass-milter 0.3.1? Or does it include the fix [1] for the Received header regression [2] in 0.3.1? This bug causes problems with SA. guenther [1] http://cvs.savannah.gnu.org/viewvc/spamass-milt/spamass-milter.cpp?revision=1.91&root=spamass-milt&view=markup [2] http://savannah.nongnu.org/bugs/?func=detailitem&item_id=17178 -- char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4"; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1: (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}