Arthur Kerpician wrote:
>> I'm facing the following problem lately. Some of my users are
>> connecting to the mail server (qmail) through mobile phones and the
>> leased IPs from the GSM operator are blacklisted in spamhaus and
>> spamcop. So, they are using the smtp server with spamassassin 3.2.5
>> but their messages are marked as spam and not delivered, since the
>> rbl checks are positive.
>> 
>> Is there a way to "trust" smtp authenticated users in SA?

Magnus Holmgren responded:
> It should happen automatically if the users authenticate with SMTP
> AUTH and the MSA signals it in the Received: field (e.g. "Received:
> from ... with ESMTPSA ..." instead of "with ESMTP"), but I don't know
> if Qmail does that.

The best solution I've seen for this kind of thing is the POPAuth
plugin, which uses the IMAP/POP authentication tables (as populated for
the old-fashioned POP-before-SMTP scheme) to temporarily add senders'
IPs to SpamAssassin's trusted_networks list.

http://wiki.apache.org/spamassassin/POPAuthPlugin

> Otherwise I think you need to let a separate MSA, separate from the
> main MTA and included in trusted_networks but not in
> internal_networks, receive the users' mail, or arrange for a fake
> Received line, simulating this, to be inserted.

Since it is unwise to trust third-party spam/virus detection reports,
the only use for scanning outbound mail is in blocking it (possible
outbreaks, poorly composed announcements, bad jokes) or for statistical
purposes (autolearn).  I don't personally view either of those reasons
as terribly worthwhile for my implementation, so I don't scan outgoing mail.

The issue of scanning /incoming/ mail and parsing internal mail as noted
by Arthur occurs when there is only one mail server in the loop; since
it can't see other relays, SpamAssassin is forced to assume that the
only foreign address it can find is actually the relay.  As Magnus
stated, this is best solved by running your outbound SMTP separate from
your incoming MX record (even if on the same server ... just use
different IP addresses and different SMTP server instances).
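
An added example, not part of the original thread: a small Python check for whether the newest Received: header records SMTP AUTH (the ESMTPA/ESMTPSA keywords from RFC 3848), which is the signal Magnus describes. The sample messages, hostnames and addresses are constructed for illustration.

```python
import email
import re

# RFC 3848 "with" keywords that record an SMTP AUTH (or LMTP AUTH) session.
AUTH_PROTOCOLS = {"ESMTPA", "ESMTPSA", "LMTPA", "LMTPSA"}
WITH_RE = re.compile(r"\bwith\s+([A-Za-z0-9-]+)", re.IGNORECASE)

# Constructed sample headers (documentation addresses, not real traffic).
SAMPLE_AUTH = """\
Received: from phone.example.net (unknown [203.0.113.25])
    (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
    by mail.example.org with ESMTPSA id 4F2A1C0
    for <bob@example.com>; Mon, 1 Jan 2024 10:00:00 +0000
Subject: authenticated submission
"""
SAMPLE_PLAIN = """\
Received: from phone.example.net (203.0.113.25)
    by mail.example.org with SMTP; Mon, 1 Jan 2024 10:05:00 +0000
Subject: no auth recorded
"""

def strip_comments(text):
    """Remove parenthesised header comments, including nested ones."""
    prev = None
    while prev != text:
        prev, text = text, re.sub(r"\([^()]*\)", " ", text)
    return text

def received_hops(raw_message):
    """Return the 'with' protocol of each Received header, newest first."""
    msg = email.message_from_string(raw_message)
    hops = []
    for value in msg.get_all("Received", []):
        unfolded = " ".join(value.split())  # join folded continuation lines
        clauses = strip_comments(unfolded).split(";", 1)[0]  # drop the date
        match = WITH_RE.search(clauses)
        hops.append(match.group(1).upper() if match else None)
    return hops

def first_hop_authenticated(raw_message):
    """True if the newest Received header records an authenticated session."""
    hops = received_hops(raw_message)
    return bool(hops) and hops[0] in AUTH_PROTOCOLS

if __name__ == "__main__":
    for name, raw in (("auth", SAMPLE_AUTH), ("plain", SAMPLE_PLAIN)):
        print(name, received_hops(raw), first_hop_authenticated(raw))
```

Running it against a message a user submitted through your own server shows which case applies before you change the trusted_networks or MSA setup.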
