Postfix/spamassassin. Can I score -100 for sasl authorised clients ?
This is a discussion on Postfix/spamassassin. Can I score -100 for sasl authorised clients ? within the alt.comp.mail.postfix forums, part of the Mail Servers and Related category; I've just set up postfix and spamassassin under Gentoo for a company network. We have road warriers here (laptop ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-09-2004
|
|||
|
|||
Postfix/spamassassin. Can I score -100 for sasl authorised clients ?
I've just set up postfix and spamassassin under Gentoo for a company network.
We have road warriers here (laptop users who need to use our mail server), so I've set up SMTP-Auth using SASL, which is working great. The problem is that because those road warriers use a variety of ISPs for their logons, when they send mail to other people at my company, spamassassin often triggers on the "dynamic IP" and SORBS rules, and their mail gets marked as spam. I could add their addresses to white lists, but then that would mean they would be getting more spam themselves, from the spam which pretends to be from the recipient. I figure the best way of making sure someone is from my company, and not really a spammer is for postfix to add a line of header for every mail sent from a client that logged in to the smtp server using SASL. Then, all I need to do is set up a rule for spamassassin which scores such a header as -100. Can I do this with postfix ? Or is there a better method ? Thanks, Chris 
|
|
06-13-2004
|
|||
|
|||
|
Re: Postfix/spamassassin. Can I score -100 for sasl authorised clients ?
tell spamassassin to permit mail from their email address only if it's from
a certain smtp server. "Chris Severn" <severn@iinet.net.au> wrote in message news:qc4ec05rmm1n9o6v3c67ktp7n9in7rtr7i@4ax.com... > I've just set up postfix and spamassassin under Gentoo for a company > network. > > We have road warriers here (laptop users who need to use our mail server), > so > I've set up SMTP-Auth using SASL, which is working great. > > The problem is that because those road warriers use a variety of ISPs for > their logons, when they send mail to other people at my company, > spamassassin > often triggers on the "dynamic IP" and SORBS rules, and their mail gets > marked > as spam. > > I could add their addresses to white lists, but then that would mean they > would be getting more spam themselves, from the spam which pretends to be > from > the recipient. > > I figure the best way of making sure someone is from my company, and not > really a spammer is for postfix to add a line of header for every mail > sent > from a client that logged in to the smtp server using SASL. Then, all I > need > to do is set up a rule for spamassassin which scores such a header > as -100. > > Can I do this with postfix ? Or is there a better method ? > > Thanks, > > Chris
|
|
06-16-2004
|
|||
|
|||
|
Re: Postfix/spamassassin. Can I score -100 for sasl authorised clients ?
On Sun, 13 Jun 2004 10:53:03 -0400, "Sean Joseph" <admin@divisionweb.net>
wrote: >"Chris Severn" <severn@iinet.net.au> wrote in message >news:qc4ec05rmm1n9o6v3c67ktp7n9in7rtr7i@4ax.com.. . >> I've just set up postfix and spamassassin under Gentoo for a company >> network. >> >> We have road warriers here (laptop users who need to use our mail server), >> so >> I've set up SMTP-Auth using SASL, which is working great. >> >> The problem is that because those road warriers use a variety of ISPs for >> their logons, when they send mail to other people at my company, >> spamassassin >> often triggers on the "dynamic IP" and SORBS rules, and their mail gets >> marked >> as spam. >> >> I could add their addresses to white lists, but then that would mean they >> would be getting more spam themselves, from the spam which pretends to be >> from >> the recipient. >> >> I figure the best way of making sure someone is from my company, and not >> really a spammer is for postfix to add a line of header for every mail >> sent >> from a client that logged in to the smtp server using SASL. Then, all I >> need >> to do is set up a rule for spamassassin which scores such a header >> as -100. >> >> Can I do this with postfix ? Or is there a better method ? >> >> Thanks, >> >> Chris > >tell spamassassin to permit mail from their email address only if it's from >a certain smtp server. Which certain smtp server ? The road-warriers' machines are set to use the company mail server as their outgoing smtp server, using SASL for authentication. The mail will come from the road warrier as a client, which will have some unpredictable, probably dynamic (and hence high spam scoring) IP address. The only smtp server it hits is the company server, which dumps the email directly to the local user's local mail spool. Chris
|
|
06-18-2004
|
|||
|
|||
|
Re: Postfix/spamassassin. Can I score -100 for sasl authorised clients ?
Hi Chris,
I solved this problem by setting the score for SORBS to 0, which kind of bypasses this test. I'm sure, there is a more elegant way to get the same result, but this works for us and our customers. To disable these tests only for our authenticated customers wouldn't solve the problem for us, because we and our customers also need to receive mail from dial-in-gateways because we can't effort that mail from honestly interrested potentiel customers will be rejected. I added this to /etc/mail/spamassassin/local.cf: 8<----------8<----------8<----------8<---------- score RCVD_IN_DYNABLOCK 0 score RCVD_IN_SORBS_MISC 0 score RCVD_IN_SORBS_HTTP 0 8<----------8<----------8<----------8<---------- Give it a try, yours, Henri - | Datadesign for Internet and Intranet | www.byteconcepts.de | www.virtual-homes.de
|
|
06-19-2004
|
|||
|
|||
|
Re: Postfix/spamassassin. Can I score -100 for sasl authorised clients ?
On Fri, 18 Jun 2004 08:52:22 +0200, Henri Schomäcker <hs@byteconcepts.de>
wrote: >Hi Chris, > >I solved this problem by setting the score for SORBS to 0, which kind of >bypasses this test. I'm sure, there is a more elegant way to get the same >result, but this works for us and our customers. > >To disable these tests only for our authenticated customers wouldn't solve >the problem for us, because we and our customers also need to receive mail >from dial-in-gateways because we can't effort that mail from honestly >interrested potentiel customers will be rejected. > >I added this to /etc/mail/spamassassin/local.cf: >8<----------8<----------8<----------8<---------- >score RCVD_IN_DYNABLOCK 0 >score RCVD_IN_SORBS_MISC 0 >score RCVD_IN_SORBS_HTTP 0 >8<----------8<----------8<----------8<---------- > >Give it a try, > yours, Henri > Henri, Yeah, that's probably a good idea. I've noticed that those rules are useful in detecting real spam though, so zeroing them out will decrease the performance of the filter noticeably for detecting spam, but it's probably worth it for the reduction in false positives. Thanks for the tip. I'll give it a go. It's not possible to zero a rule only if another rule is true is it ? For instance scoring those 3 rules as zero only if the "from" address is from my domain ? I haven't noticed any problems with these rules apart from our road warriers. Chris
|
Linear Mode
