I have a single SMTP server with single public IP address. I have set
trusted_networks my.ip.num.ber
internal_networks my.ip.num.ber
and removed the clear_originating_ip_headers line. I also added the line
add_header all RelaysUntrusted _RELAYSUNTRUSTED_
based on the suggestion in the TrustPath documentation at
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/TrustPath
The documentation there only suggests setting my trusted_networks and
internal_networks, not clearing either of them.
Now, when I manually check the messages, the X-Spam-RelaysUntrusted:
header displays the mail host that my server received the message from.
That seems proper. HOWEVER, even though that is supposed to be the host
used for all IP based checks, DNSWL_HI is being triggered. The first
untrusted host is not in the dnswl.org high confidence list. However the
IP in X-Originating-Ip: is listed in dnswl.org's high confidence list.
I don't know why spamassassin would use that header, though, since it is
below the Received: line for the first untrusted relay.
On 2022/12/27 18:20:35 Matus UHLAR - fantomas wrote:
> >On 2022/12/26 23:47:41 Benny Pedersen wrote:
> On 27.12.22 13:04, John Stimson via users wrote:
> >Thanks -- I found a mechanism that empties the list of headers used to
> >determine the originating IP. I added this line to my local.cf:
> >
> >clear_originating_ip_headers
>
> I recommend checking:
>
> trusted_networks
> clear_trusted_networks
>
> internal_networks
> clear_internal_networks
>
> these to be set up properly instead of just clear_originating_ip_headers
>
> - you should still check them, as they give you opportunity to check
proper
> headers in DNS, not just in DNSWL.
