On Wed, 5 Jan 2011, George Spelvin wrote:
The best way is to tell your glue layer not to pass internal-to-internal
mails to SA in the first place.
What is your MTA (I'm assuming qmail) and how is SA hooked into it?
It's qmail (yes, I know; it REALLY should be replaced...), and SA
is hooked in via the .qmail delivery file. So it just gets everything.
Ok, I'm not a qmail guru so somebody else will have to suggest how to
prevent SA from scanning mail from internal IP addresses destined for
local mailboxes.
What confuses me about your suggestion is that it's basically
a filtering rule, so I wonder why I can't use SA to do it...
As Karsten said, SA _can_ do it, but it's more efficient to do it at the
MTA level - assuming you can partition your MTA filtering by source IP and
delivery destination, and assuming you don't think there will be any
locally-originated spam.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Gun Control is nothing more than an attempt to return to feudalism,
where the peasants are helpless and must humbly petition their lord
and master to protect them from bandits and thieves (when they can
get around to it), and where the lords and masters can abuse the
peasants whenever they like without fear of effective resistance.
-----------------------------------------------------------------------
12 days until Benjamin Franklin's 305th Birthday
