martin f krafft writes:
> Hi,
>
> we have a bunch of users who use our SASL-enabled SMTP server to
> relay their mail when on the road. This causes the following
> Received header:
>
> Received: from septumania (217-162-227-XXX.dclient.hispeed.ch [217.162.227.XXX])
> (using SSLv3 with cipher RC4-MD5 (128/128 bits))
> (Client did not present a certificate)
> by gaia.aXXXb.ch (postfix) with ESMTP id 7A5981C4F52F;
> Thu, 23 Feb 2006 11:20:39 +0100 (CET)
>
> Consequently, Spamassassin tags the message as spam:
>
> Content analysis details: (5.5 hits, 5.0 required)
> 2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address
> [217.162.227.XXX listed in dnsbl.sorbs.net]
> 1.8 RCVD_IN_DSBL RBL: Received via a relay in list.dsbl.org
> [<http://dsbl.org/listing?217.162.227.XXX>]
> 1.7 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP
> [217.162.227.XXX listed in combined.njabl.org]
>
> Well, sure, this makes sense, but how can I support this standard
> use-case? Postfix adding a SASL-header that causes Spamassassin then
> to ignore the message isn't the solution as spammers would simply do
> that sooner or later.
No, that is indeed the correct option. You then combine that with
"trusted_networks" (or perhaps it's "internal_networks", not sure),
trusting the relay that adds the SASL line, and that'll fix it.
Spammers will not be able to force trusted hosts to add SASL
auth lines.
--j.
> Short of whitelisting people, what should
> I do?
|