Am 19.06.2015 um 16:31 schrieb PGNd:
Fwiw, removing ALL_TRUSTED from the shortcircuiting meta definition certainly prevents it from triggering the shortcircuit. However, it still fires -- incorrectly & intermittently, albeit now with a "-1" score attached. The LHLO/LMTP header still is added at the backend, and UNPARSEABLE_RELAY still hits. I've not yet determined what the actual problem with the parsing is.
why is SA running at all at the backend instead where the message arrives on the network? and even if the backend server is using SA for his own submitted mails (outgoing mailflow) there is no point in re-scan already scanned mails from the MX which should deliver on a dedicated port with disabled filters
10027 inet n - n - 50 smtpd -o mynetworks=ip-of-inbound-mx -o smtpd_client_connection_count_limit=50 -o smtpd_recipient_restrictions=$spamfilter_smtpd_recipient_restrictions -o receive_override_options=no_milters,no_unknown_recipient_checks -o local_header_rewrite_clients= -o sender_dependent_relayhost_maps= -o content_filter= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_sender_login_maps= -o smtpd_data_restrictions= -o smtpd_end_of_data_restrictions= -o smtpd_restriction_classes= -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_rate_limit=0 -o smtpd_client_recipient_rate_limit=0 -o smtpd_client_message_rate_limit=0 -o smtpd_sasl_auth_enable=no -o smtpd_reject_footer= -o max_idle=1h -o max_use=1000 -o syslog_name=postfix/spamfilter
signature.asc
Description: OpenPGP digital signature
