Hi All,

I was doing a bit of "spamassassin -D" testing with SA 3.2.4 and noticed that it's running my own mail server name through various DNSBL tests.

Here are the headers of the particular message I am testing:

>From [EMAIL PROTECTED] Tue Dec 2 05:24:59 2008
Return-Path: <[EMAIL PROTECTED]>
X-Sieve: CMU Sieve 2.2
X-Original-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Received: from johnstonsz.net (unknown [64.86.206.149])
	by linux.interlinx.bc.ca (Postfix) with ESMTP id E0F4A86FF
	for <[EMAIL PROTECTED]>; Tue, 2 Dec 2008 05:24:55 -0500 (EST)
Received: by johnstonsz.net (Postfix) with SMTP id 1C89413122ED
	for <[EMAIL PROTECTED]>; Tue, 2 Dec 2008 05:25:54 -0500 (EST)
Subject: Shop On us - 1000 Wal-Mart GiftCard!
From: SamplePacks<[EMAIL PROTECTED]>
Reply-to: <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Priority: 5
X-Mailer: AlphaPlus
Content-Type: text/html; charset=us-ascii;
Content-Disposition: inline
Message-Id: <[EMAIL PROTECTED]>
Date: Tue, 2 Dec 2008 05:25:54 -0500 (EST)
X-Evolution-Source: imap://[EMAIL PROTECTED]/
Content-Transfer-Encoding: 8bit
Mime-Version: 1.0

Here's the relevant bits of the SA debug:

[29986] dbg: received-header: parsed as [ ip=64.86.206.149 rdns= helo=johnstonsz.net by=linux.interlinx.bc.ca ident= envfrom= intl=0 id=E0F4A86FF auth= msa=0 ]
[29986] dbg: received-header: relay 64.86.206.149 trusted? no internal? no msa? no
[29986] dbg: metadata: X-Spam-Relays-Trusted:
[29986] dbg: metadata: X-Spam-Relays-Untrusted: [ ip=64.86.206.149 rdns= helo=johnstonsz.net by=linux.interlinx.bc.ca ident= envfrom= intl=0 id=E0F4A86FF auth= msa=0 ]
[29986] dbg: metadata: X-Spam-Relays-Internal:
[29986] dbg: metadata: X-Spam-Relays-External: [ ip=64.86.206.149 rdns= helo=johnstonsz.net by=linux.interlinx.bc.ca ident= envfrom= intl=0 id=E0F4A86FF auth= msa=0 ]

So it seems that the "by linux.interlinx.bc.ca" specification of what should be the first "trusted" Received: header is being used later in DNSBL tests:

[29986] dbg: dns: launching DNS A query for linux.interlinx.bc.ca.rhsbl.ahbl.org. in background
[29986] dbg: async: starting: DNSBL-A, dns:A:linux.interlinx.bc.ca.rhsbl.ahbl.org. (timeout 15.0s, min 3.0s)
[29986] dbg: dns: checking A and MX for host linux.interlinx.bc.ca
[29986] dbg: dns: launching DNS A query for linux.interlinx.bc.ca in background
[29986] dbg: async: starting: NO_DNS_FOR_FROM, DNSBL-A, dns:A:linux.interlinx.bc.ca (timeout 15.0s, min 3.0s)
[29986] dbg: dns: launching DNS MX query for linux.interlinx.bc.ca in background
[29986] dbg: async: starting: NO_DNS_FOR_FROM, DNSBL-MX, dns:MX:linux.interlinx.bc.ca (timeout 15.0s, min 3.0s)
...
[29986] dbg: dns: launching DNS A query for linux.interlinx.bc.ca.bl.open-whois.org. in background
[29986] dbg: async: starting: DNSBL-A, dns:A:linux.interlinx.bc.ca.bl.open-whois.org. (timeout 15.0s, min 3.0s)
...
[29986] dbg: dns: launching DNS A query for linux.interlinx.bc.ca.fulldom.rfc-ignorant.org. in background
[29986] dbg: async: starting: DNSBL-A, dns:A:linux.interlinx.bc.ca.fulldom.rfc-ignorant.org. (timeout 15.0s, min 3.0s)

I do (believe) I understand trusted_networks and internal_networks and have them configured for my local installation, but given that Received: header (which should be trusted), how is SA to know that it's on the internal or trusted networks list when it doesn't have the IP address of the relay in it? Maybe that is the crux of the problem.

My MTA is Postfix 2.5.1 FWIW.

Any ideas?

b.