> On 12/8/2016 10:54 AM, Marcus Schopen wrote: >> Hi, >> >> some of my users forward external mails to my host. In some cases those >> forwarding hosts don't filter spam. How do I parse back through >> forwarding headers to find the true source IP and run dnsrbl checks on >> that IP. I don't want to reject those mails in case of spam, so that the >> forwarding host will become a backscatter, but just marking them. I >> tried to set the forwarding host IPs to trusted_networks, which helps >> with wrong dnswl.org checks, but RBL checks are disabled then. Any ideas >> how to handle that?
Not sure what you mean by "RBL checks are disabled then"; do you mean that none of them fire when expected? *Some* DNSBL rules will fire differently in this case depending on whether they were defined with -lastexternal or -firsttrusted, but most should work fine and do what you want. I do this here for customers who have domain mail hosted with a third party, with mail forwarded to their ISP account with us. Kevin A. McGrail wrote: > I would answer that you can't. Unless they forward you the source or > the original email as an attachment, many times that information is lost. That depends on whether this is automated forwarding at the mail system level, or by-hand forwarding in any mail client. Automated forwarding should just be another SMTP hop, and adding the third-party host to trusted_networks should work just fine[1]. Mail that was forwarded by hand, yeah, you're usually stuck unless you can teach your users how to properly forward as attachment. Inline forwards rarely include *any* origin IP info, or any headers at all other than From, To, CC, Subject, and Date. -kgd [1] Unless the third party mail host is one who routes forwarded mail for a single domain through outbound IPs across half a dozen /8 ranges (yes, really, I have observed this personally). In which case you can either give up on getting correct origin IP information, or play trusted_networks whack-an-IP until the results are "good enough".
