John Rudd wrote:
Rick Macdougall wrote:
John Rudd wrote:
Hi,
Right off the bat I've disabled it. It, of course, hits on all mail
my local users send. That's not really acceptable in an ISP situation
so I've turned it off until tomorrow when I have the time to look at
the code and see if I can disable the check for specific IP's or host
names.
I can say it was hitting on a lot of spam that was passing through as
clean before, so there is quite a bit of merit to the idea. It would
just need the ability to ignore local clients.
Are those users on your trusted network? It should only be looking at
your first untrusted relay.
Though, if they're authenticated, I wouldn't mind trying to figure out
how to extract that from the information, and exempt those.
I could easily add a list of exemptions though.
Hi,
No, they aren't in my trusted networks because I don't trust them.
The reasoning behind the scanning is to pro-actively catch infected
users spewing spam before much damage is done. We run a script every 5
minutes to check for local IP's that are sending spam and if we get a
pre-defined number of matches it sends us an email.
I may try it later today on one of our external facing MX servers and
see how it fairs there. (After coffee and fully waking up).
Regards,
Rick
