I'm using SpamAssassin 3.3.1 together with Amavis 2.6.4 on one server with
Postfix. All our customers have public static IP addresses on their PC's
213.x.x.x/y. We use only one mailserver with one public IP address from
the 213.x.x.x/y range mentioned earlier for both the incoming and outgoing
mail traffic to/from all of our domains. We are ISP.
Our customer complained about false positive mail with DOS_OE_TO_MX.
How exactly this rule works? Should I add all my range 213.x.x.x/y to the
trusted_networks and my mailserver should be added to the
internal_networks?
I guess, that the DOS_OE_TO_MX rule says, that someone from the
internet/outside world is connected directly to my mailserver, says it
sends mail using Outlook Express and sends the mails to my domains. He
does not uses his ISP's mailserver for sending mails. Right?
I suggest something like this:
trusted_networks 213.x.x.x/y # all our public ip addresses range
internal_networks 213.0.0.5 # let's say that's our mailserver's IP
I have none lines with trusted_networks and internal_networks in my config
now.
The doc says:
"Trusted in this case means that relay hosts on these networks are
considered to not be potentially operated by spammers, open relays, or
open proxies. A trusted host could conceivably relay spam, but will not
originate it, and will not forge header data"
But I think, that almost everone is sometimes infected and sends spam...
So I'm confused howto setup my system.
Kind regards, Tomas