John, let's say that you have a Postfix gateway in front of your IMail+Declude server.
If you whitelist the gateway, then all mail from that server or passed through that server will be whitelisted. That would be *bad*. You would instead use IPBYPASS, so that all the IP based tests are not against your gateway, but rather against the host that sent the message to your gateway. Now let's say that there is no server in front of your IMail+Declude server, but you do have one customer whose mail is being redirected to you by their old server. You would still want to IPBYPASS that server if all it ever sends is from the one domain. If you WHITELIST it instead, then once again, you get all the spam that comes from it or through it. If you try to WHITELIST and IPBYPASS, the IPBYPASS will win, and no IP based tests will run against that host. Messages that passed through that host will have IP based tests run on the hop before that host. Messages directly from that host will have no IP based tests run against it. If you WHITELIST an internal server, then following the logic from the previous example, you would then run IP based tests against your internal workstations. If it's a private IP address space, probably none of the IP tests would trigger (unless you test for Bogons). If it's not a private space, or you NAT-hide what would be a public space, you would expect that DUHL tests would trigger on all of the internal mail clients. This is why my ancient global.cfg has a note in it to tell you to whitelist your own client space or don't use the DUHL tests! Does that help? Andrew 8) -----Original Message----- From: John Tolmachoff (Lists) [mailto:[EMAIL PROTECTED] Sent: Thursday, July 08, 2004 4:11 PM To: [EMAIL PROTECTED] Subject: [Declude.JunkMail] IPBYPASS and WHITELIST IP If you have a WHITELIST IP line for an IP address, does it make sense or is it redundant to have a IPBYPASS line for that IP? John Tolmachoff Engineer/Consultant/Owner eServices For You --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
