Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: spamassassin.apache.org > users > 07 > 094023.html (Request Expert spamassassin.apache.org Support)

RE: Q about mail proxy servers and setups

From: Michael Scheidell <scheidell(at)secnap.net>
Date: Sun Sep 23 2007 - 20:27:18 EDT


Thanks, I hadn't thought about the backscatter problem.

If there is a proxy involved, then they HAVE to set (in amavisd) all final destinations as 'DISCARD' and not BOUNCE.

I also think I will try to look at adding it to trusted networks in SA, but excluding it from the internal networks in amavisd.

IP addresses are not the basis of p0f, so that doesn't work, and without hacking SA SPF plugins, I can't see any way to trust SPF.

For the purposes of this discussion, the biggest reason I can't be on the edge where Id like to be is that there is a massive proxy/load balancer/failover device that does more than email.

Many firewalls 'proxy' the email also, so its not like you can take it out.
(oh, turn off Cisco's smtp mail fixup was another thing I found when dealing with odd ball setups)

Thanks to everyone who had real answers. 

-- 
Michael Scheidell, CTO
Office: 561-999-5000 x 1259
Direct: 561-939-7259
Real time security alerts: 
http://www.secnap.com/news
_________________________________________________________________________

This email has been scanned and certified safe by SpammerTrap(tm). 
For Information please see 
http://www.spammertrap.com
_________________________________________________________________________
Received on Sun Sep 23 20:29:14 2007

This archive was generated by hypermail 2.1.8 : Sat Oct 27 2007 - 11:16:52 EDT

Do you need help?X
Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library