Am 29.08.2014 um 01:51 schrieb Karsten Bräckelmann: > On Fri, 2014-08-29 at 01:06 +0200, Reindl Harald wrote: >> the question was just "how can i enforce RBL tests inside the own LAN" > >> the question was just "how can i enforce RBL tests inside the own LAN" > >> the question was just "how can i enforce RBL tests inside the own LAN" > > RBL tests cannot be enforced. Internal and trusted networks settings > need to be configured correctly to match the RBL test's scope, in your > case last-external. > > If there are trusted relays found in the Received headers, and the first > trusted one's connecting relay is external (not in the internal_networks > set), then an RBL test for last-external will be run. > > This is entirely unrelated to "own LAN" or "network range"
that may all be true for blacklists and default RBL rules it is no longer true in case of 4 internal WHITELISTS which you want to use to LOWER scores to reduce false positives while otherwise bayes may hit - such traffic can also come from the internal network in case of having postscreen and scoring in front of SA it is even a valid usecase to *completly* skip SA's using of blacklists and have 4 different DNSWL in the internal network with different trust-levels and hence different negative scores frankly it is somehow pervert that you can send a specific mailbody from outside and get a DNSWL negative score leading to accpet the message correctly and send the exactly same message from the own LAN and get it rejected by bayse filters that's also a lot of more trustable then sender whitelisting
signature.asc
Description: OpenPGP digital signature
