On 30/12/2005 9:45 AM, Jeff Chan wrote:
On Wednesday, December 28, 2005, 9:15:02 AM, Obantec Support wrote:
if i enable spamcop i find a lot of my ADSL customers (not on my IP's) are
blocked. i use sbl-xbl but the IP's so far seem to have gotten thru.
You could use something like smtp authentication to allow (only)
them onto a mail server that doesn't use SpamAssassin. In
other words don't check your customers' own mail with
SpamAssassin.
Use SpamAssain on inbound mail *not* coming from your own
customers.
Probably others will have better ideas. Maybe SA even has a
provision or config for this.
You have a number of options...
1) Have these users submit mail to an MSA that doesn't have SpamAssassin
running on _that_ (logical) host. If the mail has to be scanned (for
whatever reason) include that MSA in your trusted_networks but NOT your
internal_networks configuration.
2) Use an SMTP auth configuration that leaves auth tokens in the
received headers so that SpamAssassin (3.0.2+) can automatically extend
the trusted network boundary to those users.
3) If you're using POP-before-SMTP (which I hope you are if you're not
using SMTP auth and don't know what your customers IPs are) there is a
POPAuth plugin for SpamAssassin 3.1.0, available on the wiki, that will
extend the trust boundary to users found in your POPAuth/POP-before-SMTP
hash database.
The wiki page http://wiki.apache.org/spamassassin/DynablockIssues
outlines all of the above.
Daryl
