OK, got the picture. Guess I'll go for the upgrade of postfix.
Thanks again, Luis 2007/6/13, Daryl C. W. O'Shea <[EMAIL PROTECTED]>:
Luis Hernán Otegui wrote: > OK, Daryl, got the point. Made a rule to match my Postfix-2.2 auth > headers. Now, a question: how do I assign a score of zero to SPF_FAIL > (in order to disable that rule) if my custom rule matches? I guess > it's via a META rule, but I can't get it working... > > Based on the rule published at SA's Wiki, I was thinking of something > like this: > > header LOCAL_AUTH_RCVD Received =~ /\(authenticated \(\d+ bits\)\) > by services04\.student\.cs\.uwaterloo\.ca / > > meta LOCAL_AUTH_NO_SPF (LOCAL_AUTH_RCVD && SPF_FAIL) > > But here I lost it. Thought of something like this: > > score LOCAL_AUTH_NO_SPF -0.693 > > which has the exact reverse score of SPF_FAIL. I think it would be > more elegant to zero that rule in this particula case. But I don't > know how to do it... The problem is that SPF_FAIL isn't the only thing that you don't want to trigger that could trigger. Any of the DNSBL tests could hit, too, depending on where your roaming users connect from. If you can't get one of the methods to extend trust to work (getting Postfix to insert an auth header in late 2.2 or any 2.3+ or using msa_networks in SA 3.2) you're best off not scanning auth'd mail at all if you can manage a way to do it. Otherwise, the UW example of matching on a received header and deducting a score is your last resort. You might as well make it a fairly large negative score since you'll want it to counter both SPF_FAIL and any DNSBL tests that hit. There's no way to use a meta, or anything other than a plugin that mucks with SA internals, to zero the score for SPF_FAIL as you'd like. Daryl
-- ------------------------------------------------- GNU-GPL: "May The Source Be With You... Linux Registered User #448382. When I grow up, I wanna be like Theo... -------------------------------------------------
