On 12/17/2010 11:57 AM, Giampaolo Tomassoni wrote:
On 12/17/2010 10:15 AM, Kris Deugau wrote:
Ted Mittelstaedt wrote:
I know that, Sendmail adds the same flag when setup for auth SMTP.
The
problem is that SA will see this and assume the mail is safe.
N if your trust path is set corr
On Wed, 8 Dec 2010, Matt wrote:
Anyone using the Fake MX trick?
http://www.webhostingtalk.com/wiki/Fake_MX
Is it safe to use a fake high and low mx?
At my last company, I found it very useful to setup the high MX's to
use a greylist. I would not use a low MX for this.
It was very ef
* Ted Mittelstaedt :
> On 12/17/2010 8:41 AM, Jason Bertoch wrote:
> >On 2010/12/17 11:28 AM, Aaron Bennett wrote:
> >>I've got an issue where users off-campus who are doing authenticated
> >>SMTP/TLS from home networks are having their mail hit by the PBL. I
> >>have trusted_networks set to includ
> I've got an issue where users off-campus who are doing authenticated
> SMTP/TLS from home networks are having their mail hit by the PBL. I
> have trusted_networks set to include the incoming relay, but still the
> PBL hits it as follows:
>
I mentioned in a direct email (as my blackberry won't
> On 12/17/2010 10:15 AM, Kris Deugau wrote:
> > Ted Mittelstaedt wrote:
> >> I know that, Sendmail adds the same flag when setup for auth SMTP.
> The
> >> problem is that SA will see this and assume the mail is safe.
> >
> > N if your trust path is set correctly, then SA won't run
> tests
On 2010/12/17 2:48 PM, Robert Schetterer wrote:
forget trusted_networks use i.e spamass-milter
with spamassassin with option -I: skip (ignore) checks if sender is
authenticated
Though I've not used spamass-milter, will this really work if the
authentication server is not local?
--
/Jason
Am 17.12.2010 17:28, schrieb Aaron Bennett:
> Hi,
>
> I've got an issue where users off-campus who are doing authenticated SMTP/TLS
> from home networks are having their mail hit by the PBL. I have
> trusted_networks set to include the incoming relay, but still the PBL hits
> it as follows:
>
On 12/17/2010 2:24 PM, Ted Mittelstaedt wrote:
>
>
> Exactly my point. The problem I have had with SA as I said in my
> original response is that even if you use authenticated SMTP that
> setting the auth flag in the received header simply didn't work.
> Even when it is there, SA still filtered.
On Fri, 17 Dec 2010 11:24:51 -0800
Ted Mittelstaedt wrote:
> It is possible this is because I use sa-milter.
If you want to make complex policy decisions, you might want to use
something like MIMEDefang (note: I'm the author. :))
It lets you encode your mail processing logic in Perl, so you can
On 12/17/2010 10:15 AM, Kris Deugau wrote:
Ted Mittelstaedt wrote:
I know that, Sendmail adds the same flag when setup for auth SMTP. The
problem is that SA will see this and assume the mail is safe.
N if your trust path is set correctly, then SA won't run tests
like eg PBL (IP blocks
On 12/17/2010 9:32 AM, Benny Pedersen wrote:
On fre 17 dec 2010 18:19:55 CET, Ted Mittelstaedt wrote
The whole point of auth smtp is to come from UN-trusted networks.
will not agre on that one, if you require auth it must check all ip even
localhost
I don't mean to say that just because aut
> My experience with SA is that if it sees that flag anywhere in the
> header, it will assume the mail is safe. I have also had the
> experience
No, Ted. SA wouldn't accept an authenticated mark from outside its
trusted_network.
> with earlier versions of SA that they ignore the flag completely
Ted Mittelstaedt wrote:
I know that, Sendmail adds the same flag when setup for auth SMTP. The
problem is that SA will see this and assume the mail is safe.
N if your trust path is set correctly, then SA won't run tests
like eg PBL (IP blocks designated by the nominal owner as "not a
On 12/17/2010 9:28 AM, Jason Bertoch wrote:
On 2010/12/17 12:19 PM, Ted Mittelstaedt wrote:
why are you using authenticated SMTP from trusted networks?
The whole point of auth smtp is to come from UN-trusted networks.
In the OP's case, his authenticating server is separate from his SA
server
On 12/17/2010 9:23 AM, Aaron Bennett wrote:
-Original Message- From: Ted Mittelstaedt
[mailto:t...@ipinc.net] Sent: Friday, December 17, 2010 12:20 PM
To: users@spamassassin.apache.org Subject: Re: preventing
authenticated smtp users from triggering PBL
why are you using authenticated SM
> SA also avails the msa_networks setting to allow a node to act both as
> a MX and a MUA, making a message look like "internally sourced" iff the
> node says it is from an authenticated source.
Of course, I meant:
SA also avails of the msa_networks setting to allow a node to act both as a
MTA an
> From: Ted Mittelstaedt [mailto:t...@ipinc.net]
>
> And what prevents a spammer from forging this into a header and
> bypassing SA? Just askin.
>
> Ted
The fact that the authenticating server forwarding the request is trusted
and/or internal network.
SA doesn't look at any auth token outside
On fre 17 dec 2010 18:36:25 CET, Ted Mittelstaedt wrote
But, go ahead, do it your way. If your a small site you might
even be OK for long enough to forget this advice. But sooner
or later your going to get cracked into and you will wish you
had separated the servers.
clamav stops most of this
On 12/17/2010 9:12 AM, Kris Deugau wrote:
Ted Mittelstaedt wrote:
On 12/17/2010 8:41 AM, Jason Bertoch wrote:
Based on the headers you included, there's nothing indicating the sender
was authenticated. Are you using the following in postfix?
smtpd_sasl_authenticated_header yes
And what prev
On fre 17 dec 2010 18:19:55 CET, Ted Mittelstaedt wrote
The whole point of auth smtp is to come from UN-trusted networks.
will not agre on that one, if you require auth it must check all ip
even localhost
or yes, i see any ip as untrusted if user do not pass sasl auth
firefox is olso a saf
On 2010/12/17 12:19 PM, Ted Mittelstaedt wrote:
why are you using authenticated SMTP from trusted networks?
The whole point of auth smtp is to come from UN-trusted networks.
In the OP's case, his authenticating server is separate from his SA
server. In any case, the server indicating authen
> -Original Message-
> From: Ted Mittelstaedt [mailto:t...@ipinc.net]
> Sent: Friday, December 17, 2010 12:20 PM
> To: users@spamassassin.apache.org
> Subject: Re: preventing authenticated smtp users from triggering PBL
>
> why are you using authenticated SMTP from trusted networks?
>
> T
On 12/17/2010 8:51 AM, Jason Bertoch wrote:
On 2010/12/17 11:47 AM, Ted Mittelstaedt wrote:
And what prevents a spammer from forging this into a header and
bypassing SA? Just askin.
Without checking, I'd guess that matching an authentication header with
an address in trusted_networks would be
Ted Mittelstaedt wrote:
On 12/17/2010 8:41 AM, Jason Bertoch wrote:
Based on the headers you included, there's nothing indicating the sender
was authenticated. Are you using the following in postfix?
smtpd_sasl_authenticated_header yes
And what prevents a spammer from forging this into a hea
On fre 17 dec 2010 17:47:26 CET, Ted Mittelstaedt wrote
smtpd_sasl_authenticated_header yes
And what prevents a spammer from forging this into a header and
bypassing SA? Just askin.
clever :-)
this is just informative header, not one that disable sasl in postfix
sender can add this header s
On 2010/12/17 11:47 AM, Ted Mittelstaedt wrote:
And what prevents a spammer from forging this into a header and
bypassing SA? Just askin.
Without checking, I'd guess that matching an authentication header with
an address in trusted_networks would be sufficient. If your
authentication server
On 2010/12/17 11:46 AM, Aaron Bennett wrote:
-Original Message-
Based on the headers you included, there's nothing indicating the sender
was authenticated. Are you using the following in postfix?
smtpd_sasl_authenticated_header yes
No, I'm not -- that's a good idea. If I
On 12/17/2010 8:41 AM, Jason Bertoch wrote:
On 2010/12/17 11:28 AM, Aaron Bennett wrote:
I've got an issue where users off-campus who are doing authenticated
SMTP/TLS from home networks are having their mail hit by the PBL. I
have trusted_networks set to include the incoming relay, but still the
> -Original Message-
>
> Based on the headers you included, there's nothing indicating the sender
> was authenticated. Are you using the following in postfix?
>
> smtpd_sasl_authenticated_header yes
No, I'm not -- that's a good idea. If I turn that on, can I write a rule bas
I've tusseled with this and eventually I gave up and setup a cheap PC
with FreeBSD that does nothing other than serve authenticated SMTP for
customers. Obviously it does not run spamassassin. It relays all mail
(inbound and outbound) to the main server.
The one thing I would advise if you do th
On 2010/12/17 11:28 AM, Aaron Bennett wrote:
I've got an issue where users off-campus who are doing authenticated SMTP/TLS
from home networks are having their mail hit by the PBL. I have
trusted_networks set to include the incoming relay, but still the PBL hits it
as follows:
Received: from
Hi,
I've got an issue where users off-campus who are doing authenticated SMTP/TLS
from home networks are having their mail hit by the PBL. I have
trusted_networks set to include the incoming relay, but still the PBL hits it
as follows:
Received: from cmail.clarku.edu (muse.clarku.edu [140.23
32 matches
Mail list logo
