On 02/07, Lutz Petersen wrote: > > If you use mobile.de as a forwarder, it may make sense to add there IPs to > > your trusted_networks configuration. If you do this, the DNSxL tests are > > applied to the IP _before_ the mobile.de hop. > > That is no problem special to us or our customers. The whitelist level for > the four mobile.de IPs in the dnswl simply is wrong. Instead of HI a level > of NONE would be right.
FYI, the guy you were replying to there runs dnswl. It sounds like one of your customers has created a mobile.de account, and requested that email to that account be forwarded to an address for which you are hosting mail. If that is the case, this is what spamassassin would call a trusted relay, and you should add mobile.de's IPs as trusted relays, like: trusted_networks 194.50.69.1 This will cause spamassassin to use the IP from the relay before mobile.de for blacklist and whitelist (dnswl) lookups. It's kind of an awkward, inconvenient situation. But if your customer has requested these emails be relayed, it's kind of unreasonable for you to expect dnswl to delist them. Does that all make sense? On the other hand, if nobody ever requested that these emails be relayed, and you can firmly establish that, I (and a couple other people in this thread) would be happy to drop their score in dnswl. It just doesn't sound like that's what's happening. As Niamh mentioned, dnswl.org has no record of abuse reports, or blacklists listing this IP, which is further evidence that something else is going on in your situation. (I'm also an (inactive) dnswl admin.) -- "The whole aim of practical politics is to keep the populace alarmed -- and hence clamorous to be led to safety -- by menacing it with an endless series of hobgoblins, all of them imaginary." - H. L. Mencken http://www.ChaosReigns.com
