I want to add this to the whitelist. So I have this rule in a custom rule set (I KNOW these rules should be firing, as some of the other rules in this file are hitting on test messages):
whitelist_from_rcvd [EMAIL PROTECTED] ezwsmtp03.xm-radio.com
What am I doing wrong here? This rule is completely ignored.
I see two Received: headers in your network. Does SA run on the second mailserver? or does SA run on the first (tireswing.arsalon.net) and the second is just an internal post office server?
If SA runs on the second box, you probably need some tweaks to your trust path. SA by default may not trust tireswing.arsalon.net, and thus will not recognize the mail as coming from xm-radio.com, it will recognize it as coming from arsalon.net.
To fix it log in to your mailserver, and run the following commands:
host tireswing.arsalon.net
host tireswing.netAdd those IPs, and only those IPs, to your trusted_networks statement with /32 netmasks on the end.
i.e: (assuming that tireswing.net doesn't self-resolve to a reserved IP due to nat. if it does, substitute accordingly)
trusted_networks <http://www.DNSstuff.com/tools/whois.ch?ip=206.113.206.225>206.113.206.225/32 <http://www.DNSstuff.com/tools/whois.ch?ip=206.113.206.224>206.113.206.224/32 127.0.0.1/32
One thing that does concern me, is it looks like the hostname your server uses (tireswing.net) doesn't resolve to your own IP. That's a VERY bad thing for a mailserver, if it's the case...
This was in your outbound mail:
Received: from TIRESWING.tireswing.net (12-217-55-151.client.mchsi.com [12.217.55.151])
(authenticated bits=0)
by tireswing.arsalon.net (8.12.10/8.12.10) with ESMTP id iBO3gmMO004984
for <users@spamassassin.apache.org>; Thu, 23 Dec 2004 21:42:48 -0600
Which suggests that you are really not at <http://www.DNSstuff.com/tools/whois.ch?ip=206.113.206.225>206.113.206.225 (A record for "tireswing.net") but you are instead at 12.217.55.151. If SA is running at 12.217.55.151... that ought get fixed...
