[Mimedefang] Previous relay information

[Jan-Pieter Cornet]

On Wed, Dec 13, 2006 at 06:43:37PM +0900, Mark van Proctor wrote:
> A couple of spam, however, are getting through by sending to our secondary
> mail server, which we have no control over and which is then forwarding the
> emails to us (in an smtp compliant manner... respecting out TEMPFAILs and
> sending again when it can...).
>  
> Has anyone implemented some form of parsing of the received headers to
> determine who the previous relay was? When is the earliest time that these
> headers are available? filter_begin? Are these easily accessible through
> mimedefang's variables or will we need to build some kind of script that
> will parse the actual mail files?

The previous relay is only available after the email itself (containing
the headers) is received, so filter_begin at the earliest.

You can put your backup MX in spamassassin's internal_networks setting
(or if you haven't set that yet, in trusted_networks). This will at 
least clue in spamassassin about the real relay.

It isn't readily available in mimedefang unless you can also run
mimedefang on the secondary MX. Parsing the Received header is your
only option, in this case.
  
> Any help / thoughts / suggestions are much appreciated!!

By far your best option is simply to remove the backup ("secondary")
MX from the DNS. Using fallback MX not under your control is really
outdated these days.

-- 
Jan-Pieter Cornet <johnpc at xs4all.nl>
!! Disclamer: The addressee of this email is not the intended recipient. !!
!! This is only a test of the echelon and data retention systems. Please !!
!! archive this message indefinitely to allow verification of the logs.  !!