[Mimedefang] Cross-Post about SA Rule RCVD_IN_DYNABLOCK returning false positives

Nels Lindquist nlindq at maei.ca
Thu Oct 2 20:36:00 EDT 2003


On 1 Oct 2003 at 11:29, VonEssen, John wrote:

> Blocking Dialup/DSL IPs of users who run their own local SMTP
> server for spamming... now that's a different story. But that is not
> what DYNABLOCK is doing.

That's exactly what it's *supposed* to be doing--the DYNABLOCK test 
should only kick in for the relay connecting directly to your MTA.  
Any "typical" dynamic IP address holder relaying outbound mail via 
their ISP's MTA shouldn't trigger this test.

However, as your post on SA-Talk explained, yours is a special case 
because you have clients connecting directly to your server.

By what method do you ensure that only your clients can relay through 
your server, though?  I'd expect the easiest way would be to utilize 
SMTP AUTH, and if that's the case, then you could simply avoid 
calling SpamAssassin for your clients' mail in the first place.

Within your mimedefang-filter, check for the presence of the 
appropriate Sendmail macro:

eg:

# Only scan mail that did not arrive over an authenticated (SMTP AUTH) session
if (! exists($SendmailMacros{'auth_authen'})) {
    ($hits, $req, $tests, $report) = spam_assassin_check();
}

Or if you're authenticating by IP address, you could use:

if ($RelayAddr !~ /$ClientRelays/) {
    ($hits, $req....
}

> Obviously, I'll just remove the DYNABLOCK test from SA. But like I said,
> the last couple of weeks/months have been very annoying given all these
> RBL issues. I might drop all of them except for a few (ORBD, SpamCop,
> etc.,.) and rely mainly on PYZOR, DCC, and content filters.

If you can avoid running SA for your clients' mail, then you 
shouldn't have to disable *any* tests for non-client mail.  

----
Nels Lindquist <*>
Information Systems Manager
Morningstar Air Express Inc.
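
An added example, not part of the original post and not MIMEDefang's own code: both checks from the message combined into one decision, with the IP check done as a CIDR comparison on the whole address rather than a pattern match. %SendmailMacros and $RelayAddr are the names used in the post; should_scan, ip_in_cidr, ip_to_int, @CLIENT_NETS and the sample addresses are hypothetical and constructed for illustration.

```perl
use strict;
use warnings;
# Hypothetical client networks allowed to relay (constructed documentation ranges).
my @CLIENT_NETS = ('192.0.2.0/24', '198.51.100.17/32');

# Convert a dotted-quad IPv4 string to an integer; undef if it is not one.
sub ip_to_int {
    my ($ip) = @_;
    return unless defined($ip) && $ip =~ /\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z/;
    my @o = ($1, $2, $3, $4);
    return if grep { $_ > 255 } @o;
    return $o[0] << 24 | $o[1] << 16 | $o[2] << 8 | $o[3];
}

# True if $ip lies inside CIDR block $cidr: a whole-address comparison,
# so 1.192.0.21 does not pass for a member of 192.0.2.0/24.
sub ip_in_cidr {
    my ($ip, $cidr) = @_;
    my ($net, $bits) = split m{/}, $cidr;
    $bits = 32 unless defined $bits;
    return 0 unless $bits =~ /\A\d+\z/ && $bits <= 32;
    my $ip_n  = ip_to_int($ip);
    my $net_n = ip_to_int($net);
    return 0 unless defined $ip_n && defined $net_n;
    my $mask = $bits ? (0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF : 0;
    my $same = ($ip_n & $mask) == ($net_n & $mask);
    return $same ? 1 : 0;
}

# Returns 1 if the message should go to SpamAssassin, 0 if it came from a client.
# $macros is a hashref shaped like MIMEDefang's %SendmailMacros.
sub should_scan {
    my ($relay_addr, $macros, $client_nets) = @_;
    my $auth = $macros->{auth_authen};
    return 0 if defined $auth && length $auth;      # SMTP AUTH succeeded
    return 0 if grep { ip_in_cidr($relay_addr, $_) } @$client_nets;
    return 1;   # everything else, including unparseable or IPv6 addresses
}

# Constructed sample connections: [relay address, macros seen by the filter].
my @samples = (
    ['203.0.113.45', { auth_authen => 'jdoe' }],   # authenticated, dynamic IP
    ['192.0.2.10',   {}],                          # client network, no AUTH
    ['1.192.0.21',   {}],                          # outsider resembling a client IP
);
for my $s (@samples) {
    my ($addr, $macros) = @$s;
    printf "%-13s %s\n", $addr, should_scan($addr, $macros, \@CLIENT_NETS) ? 'scan' : 'skip';
}
```

Inside a mimedefang-filter the same decision would guard the spam_assassin_check() call, passing $RelayAddr and \%SendmailMacros. An address that cannot be parsed falls through to scanning, so a malformed relay address never bypasses the filter.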



