Another issue you'll run into with road warriors is blocks on port 25. They may not be ABEL to authenticate with your server. They'll have to use port 587 (submission) on some connections. This is so common, that I even support 587 inside my firewall so the client setup doesn't need to change when my laptop comes home.
Dan -----Original Message----- From: Thomas Bolioli [mailto:[EMAIL PROTECTED] Sent: Monday, December 18, 2006 10:37 AM To: users@spamassassin.apache.org Subject: roaming users sending mail internally and dynamic IPs issue Whenever our users travel outside the internal networks and send email to each other, the emails get tagged by the below reports (yes, I cranked up the default scores because of the botnet crap out there) because they are on dyn IPs and sending direct to the receiving MTA. I see a couple of ways that this can be remedied, most of which is acceptable. a) Whitelist all of the users (or the entire domain) for every domain on the system [obviously bad since it allows spammers to spoof from headers with impunity even with SPF setup]. b) set up second machine to be a second MTA and have users send email from machine 2 which then relays to machine 1 [waste of a machine and energy to run that machine]. or c) there is some configuration I am missing. Does anyone know what I can do to fix this? Thanks, Tom * 0.7 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address * [xx.xx.xx.xx listed in dnsbl.sorbs.net] * 2.5 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP * [xx.xx.xx.xx listed in combined.njabl.org]
