On 27.12.22 17:28, John Stimson via users wrote:
I have a single SMTP server with single public IP address. I have set
trusted_networks my.ip.num.ber
internal_networks my.ip.num.ber
and removed the clear_originating_ip_headers line. I also added the line
add_header all RelaysUntrusted _RELAYSUNTRUSTED_
based on the suggestion in the TrustPath documentation at
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/TrustPath
The documentation there only suggests setting my trusted_networks and
internal_networks, not clearing either of them.
Now, when I manually check the messages, the X-Spam-RelaysUntrusted:
header displays the mail host that my server received the message
from. That seems proper. HOWEVER, even though that is supposed to be
the host used for all IP based checks, DNSWL_HI is being triggered.
have you reloaded amavisd?
The first untrusted host is not in the dnswl.org high confidence list.
However the IP in X-Originating-Ip: is listed in dnswl.org's high
confidence list. I don't know why spamassassin would use that header,
though, since it is below the Received: line for the first untrusted
relay.
SA will use this header if it trusts server that set the header.
This should not be your case.
do you have anything set in amavis' home directory?
usually ~amavis/.spamassassin
On 2022/12/27 18:20:35 Matus UHLAR - fantomas wrote:
>On 2022/12/26 23:47:41 Benny Pedersen wrote:
On 27.12.22 13:04, John Stimson via users wrote:
>Thanks -- I found a mechanism that empties the list of headers used to
>determine the originating IP. I added this line to my local.cf:
>
>clear_originating_ip_headers
I recommend checking:
trusted_networks
clear_trusted_networks
internal_networks
clear_internal_networks
these to be set up properly instead of just clear_originating_ip_headers
- you should still check them, as they give you opportunity to check
proper
headers in DNS, not just in DNSWL.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux IS user friendly, it's just selective who its friends are...