On Fri, 20 Jun 2008, Jo Rhett wrote:
On Jun 19, 2008, at 9:21 PM, John Hardin wrote:
/from \S+\.svcolo\.com (\S+ \[10\.\d+\.\d+\.\d+\]) by arran\.svcolo\.com (/
You actually need some backslashes too, but I figured it out. Thanks.
D'oh!
See my other note about trusted_hosts breaking all forms of
whitelisting, FYI. This kind of hackery (although appreciate the help)
is kindof nonsense :-(
Yeah. Trust and Internal properly set up and working is, of course, the
optimal solution. Just wanted to point out it's not the _only_ solution.
Also:
On Jun 19, 2008, at 9:12 PM, Matt Kettler wrote:
That is correct, SPF checks are applied to the first untrusted host. The
question here would be if 10.x.x.x is in fact an internal, and presumably
trusted, network, why isn't it trusted?
The mail server I'm receiving this on is in the outside world. If a 10.x
address connects to it, I don't want that address to be trusted for any
reason. Only 10.x addresses that came via a trusted host ;-)
10.x is (supposedly) not routable on the public internet. If you see 10.x
(or other RFC-1918) traffic coming in from the world, your ISP is broken.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Perfect Security is unattainable; beware those who would try to sell
it to you, regardless of the cost, for they are trying to sell you
your own slavery.
-----------------------------------------------------------------------
14 days until the 232nd anniversary of the Declaration of Independence
