spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Hardin <jhar...@impsec.org>
Subject Re: Exclude from RCVD_IN_DNSWL_MED
Date Tue, 11 Sep 2012 00:58:51 GMT
On Tue, 11 Sep 2012, Noel Butler wrote:

> On Mon, 2012-09-10 at 18:34 +0000, Helmut Schneider wrote:
>
>> If I understood you correctly I'd need to add all relays of MessageLabs
>> to trusted_networks and also track any IP address changes...
>
> I wouldn't.
>
> I've seen multiple spam from messagelabs

Multiple spams _sent by_ MessageLabs, or multiple spams that they did not 
catch and block? If the latter, that's no reason not to add them to 
trusted_networks.

trusted_networks is for hosts you trust not to forge headers, not for 
hosts you trust not to originate or forward spam. I don't think 
MessageLabs would forge headers on mail they process for you under 
contract.

I apologize for my earlier suggestion, it was off-the-cuff; yes, if you 
use MessageLabs to process your inbound mail it does make sense to extend 
trust to them so that you do DNSBL and other checks on the host that 
delivers mail _to them_ rather than performing those checks against the 
MessageLabs hosts.

-- 
  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
  jhardin@impsec.org    FALaholic #11174     pgpk -a jhardin@impsec.org
  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
   Taking my gun away because I *might* shoot someone is like cutting
   my tongue out because I *might* yell "Fire!" in a crowded theater.
                                                   -- Peter Venetoklis
-----------------------------------------------------------------------
  Tomorrow: the 11st anniversary of 9/11

Mime
View raw message