On Tue, 2004-12-07 at 01:22 -0600, David B Funk wrote:
> On Tue, 7 Dec 2004, Thomas Cameron wrote:
>
> > I do not understand why this is tagged ALL_TRUSTED!
> >
> > Here is my local.cf:
> > ###########################################
> [snip..]
> >
> > clear_trusted_networks
> > trusted_networks 24.173.79.19/32
> > ###########################################
> >
> > As you can see, the only trusted network I have is my mail server! Why is
> > ALL_TRUSTED hitting? I am about to set ALL_TRUSTED to a score of 0!
> >
> > Thomas
>
> Silly question; precisely how do you have SA integrated into your
> mail system?
>
> I noticed that you are using sendmail & clamav-milter, are you also
> using a milter to connect spamd into your mail system?
> If so, precisely which milter?
>
> This is important, as not all sendmail spam-milters are created equal. ;)
> Here is the issue specific to your situation.
>
> The milter gets the message from sendmail "raw", IE before sendmail
> does any of it's usual processing of the message SUCH AS ADDING
> "Received" headers.
>
> So the milter does NOT see that particular header:
>
> Received: from CM02.outbound.mail (mailer4.monteraymedia.com [66.63.189.28]
> (may be forged)) by mail.camerontech.com (8.13.1/8.13.1) with ESMTP id
> iB75ihQg015990 for <[EMAIL PROTECTED]>; Mon, 6 Dec 2004
> 23:44:44 -0600
>
> which is critical to SA's ability to determine local vs non-trusted
> hosts.
>
> Well crafted milters will understand that and internally synthesize
> a 'Received:' header to mimic the one that your sendmail will add.
> Without that (or if it isn't done well) then SA will never be able to
> properly do the trust determination.
>
> Dave
>
Hrm - that makes a lot of sense. I am using spamass-milter (the latest
from CVS as of about a week ago).
I actually have the following at the bottom of my sendmail.mc:
INPUT_MAIL_FILTER
(`clmilter',`S=local:/var/run/clamav/clmilter.sock,F=,T=S:4m;R:4m')dnl
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=,
T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confMILTER_MACROS_CONNECT',`b, j, _, {daemon_name}, {if_name},
{if_addr}')dnl
INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-
greylist.sock')dnl
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')dnl
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')dnl
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')dnl
I just realized I have two confMILTER_MACROS_CONNECT definitions. I
don't think
that that would cause this but I need to address this tomorrow after
I've slept some. :-)
Thomas
