Hi All!
We had a mailserver (mail.wonkulating.net) running Sa 3.2.5 that had
the following constructs in it's config file:
header LOCAL_AUTH_RCVD Received =~ /^from [^ ]+
\([^)]*\)\s+\(authenticated bits=\d+\)\s+by mail\.wonkulating\.net/
describe LOCAL_AUTH_RCVD Message was received locally via an SMTP AUTH
connection.
score LOCAL_AUTH_RCVD -10
score LOCAL_SMTP_AUTH -20
header AUTHBIT0 From =~ /authenticated bits=0/
score AUTHBIT0 -10
describe AUTHBIT0 AUTH Port 587
We run Sendmail with the flag set to expose the authenticated bits in
the Received line.
This config was sufficient to exempt filtering from our users who used
authenticated SMTP to relay mail out from their mail client.
We just replaced with with new hardware and ran a newer version of Sa
version 3.3.2 on it. We are using
the same config as before but now, SA is no longer giving the negative
points to the relayed mail. I have verified the other programs are
working so it must be something in SA that has changed. Does anyone
have any suggestions?
Here is a header from an authenticated mail relayed to a gmail test
account, so you can see what the header looks like:
Delivered-To: tmittelsta...@gmail.com
Received: by 10.223.111.1 with SMTP id q1cs138152fap;
Wed, 10 Aug 2011 13:15:41 -0700 (PDT)
Received: from mr.google.com ([10.231.12.7])
by 10.231.12.7 with SMTP id v7mr11865701ibv.51.1313007341075
(num_hops = 1);
Wed, 10 Aug 2011 13:15:41 -0700 (PDT)
Received: by 10.231.12.7 with SMTP id v7mr9562485ibv.51.1313007340400;
Wed, 10 Aug 2011 13:15:40 -0700 (PDT)
Return-Path: <25ter...@wonkulating.net>
Received: from mail.wonkulating.net (mail.wonkulating.net [5.5.20.14])
by mx.google.com with ESMTPS id
t2si1771749iba.57.2011.08.10.13.15.38
(version=TLSv1/SSLv3 cipher=OTHER);
Wed, 10 Aug 2011 13:15:39 -0700 (PDT)
Received-SPF: neutral (google.com: 5.5.20.14 is neither permitted nor
denied by best guess record for domain of 25ter...@wonkulating.net)
client-ip=5.5.20.14;
Authentication-Results: mx.google.com; spf=neutral (google.com:
5.5.20.14 is neither permitted nor denied by best guess record for
domain of 25ter...@wonkulating.net) smtp.mail=25ter...@wonkulating.net
Received: from [192.168.0.4] (67-5-155-64.ptld.qwest.net [67.5.155.64])
(authenticated bits=0)
by mail.seasurf.net (8.14.4/8.14.4) with ESMTP id p7AKFbn5099852
for <tmittelsta...@gmail.com>; Wed, 10 Aug 2011 13:15:37 -0700 (PDT)
(envelope-from 25ter...@wonkulating.net)
Mime-Version: 1.0 (Apple Message framework v753.1)
In-Reply-To:
<CALh+=fixekmuznfqq-r4oh2vtmkqh+crkwygt78qka_nqwf...@mail.gmail.com>
References:
<CALh+=fixekmuznfqq-r4oh2vtmkqh+crkwygt78qka_nqwf...@mail.gmail.com>
Content-Type: text/plain; charset=US-ASCII; format=flowed
Message-Id: <38753ae9-a372-4fec-89e3-20dd1fa8b...@wonkulating.net>
Content-Transfer-Encoding: 7bit
From: Terry Andrews <25ter...@wonkulating.net>
Subject: Re: test
Date: Wed, 10 Aug 2011 13:15:30 -0700
To: Ted Mittelstaedt <tmittelsta...@gmail.com>
X-Mailer: Apple Mail (2.753.1)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by
milter-greylist-4.2.7 (mail.wonkulating.net [5.5.20.14]); Wed, 10 Aug
2011 13:15:37 -0700 (PDT)
X-Spam-Status: No, score=2.1 required=4.1 tests=RCVD_IN_PBL,
RCVD_IN_SORBS_DUL,RDNS_DYNAMIC autolearn=no version=3.3.2
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
mail.wonkulating.net
Ted
