headers
Werner Van Belle | 2 Sep 2008 16:56

Re: Ditching the sending host


U. George wrote:
> This means that for the receiver of a mail
>> that they will see a number of Received messages with the sending host
>> listed. Because there is a belgacom dynmaic hosts included spamassassin
>> trashes the email directly. The solution as I see it is to get rid of
>> that specific Delivered header before actually sending the mail through.
>> Has anyone done something like this already ?
> 
> I suppose u'd have to ask spamassassin to stop analyzing the "received"
> messages after the first one. After the first one, the "received"
> messages could all be from your (private) intr-a-net.

Yes, this is not really option since most spamassasin installation will
trash those emails immediatelly. So, I would really prefer to remove the
first received line instead of 'fixing' spamassasin on my own host :-)

--
Dr. Werner Van Belle
http://werner.yellowcouch.org/
Permalink | Reply |
headers
Markus Stumpf | 2 Sep 2008 17:34
Picon
Favicon

Re: Ditching the sending host

On Tue, Sep 02, 2008 at 04:56:05PM +0200, Werner Van Belle wrote:
> Yes, this is not really option since most spamassasin installation will
> trash those emails immediatelly. So, I would really prefer to remove the
> first received line instead of 'fixing' spamassasin on my own host :-)

Have them use SUBMISSION (port 587). This way you can use a different
tcprules file and set other environment variables. Use this to turn
spamassassin off (or only this one check).
Bypassing spamassassin for mails from authenticated users shouldn't
be a problem and even speed up mail injection for them.

If you can't/don't want to use SUBMISSION but have SMTP AUTH you could
check if the RELAYCLIENT environment variable is set. This should also
indicate a authenticated user. Turn of spamassassin then.

	\Maex

--

-- 
Markus Stumpf
Permalink | Reply |
headers
Werner Van Belle | 3 Sep 2008 06:50

Re: Ditching the sending host

Markus Stumpf wrote:
> Have them use SUBMISSION (port 587). This way you can use a different
> tcprules file and set other environment variables. Use this to turn
> spamassassin off (or only this one check).
> Bypassing spamassassin for mails from authenticated users shouldn't
> be a problem and even speed up mail injection for them.
>   
I already require that the users that want to send a message go through
smtp-auth and ssl. So each user is authenticated. On the other hand I
don't perform spam checking on our useres outgoing mail since that
wouldn't make sense.

Probably I didn't explain the problem in sufficient detail. So the
problem is as follows:

a- one of our users at machine A connects to our server B and
authenticates with smtpauth over ssl.
b- server B receives the message and qmail will automatically add two
received lines listing IP A
c- qmail sends the message on its way
d- eventually target server C receives the message, reads the headers
and spamassassin throws away the mail because it came from IP A

Now, I clearly cannot ask every receiving host C to 'fix' this problem,
also because I believe that the sending IP-addresses A could very well
belong to a company that abuses their IP-range. That however does not
mean I am a spammer and as such I would like to remove (or not add) the
Received lines when the message arrives at B.

Wkr,
(Continue reading)

Permalink | Reply |
headers
Markus Stumpf | 3 Sep 2008 17:24
Picon
Favicon

Re: Ditching the sending host

On Wed, Sep 03, 2008 at 06:50:33AM +0200, Werner Van Belle wrote:
> Now, I clearly cannot ask every receiving host C to 'fix' this problem,
> also because I believe that the sending IP-addresses A could very well
> belong to a company that abuses their IP-range. That however does not
> mean I am a spammer and as such I would like to remove (or not add) the
> Received lines when the message arrives at B.

If you try to fix other mailadmins ignorant and fscked up configurations
you will have a lifetime job but and will never succeed.

Spammers add myriads of faked Received: lines a day.
Anyone who inspects Received: lines other than the ones added by mailservers
under his control is - hmmmm - an idiot and hasn't a clue about how
rfc2822, spoofing, trust and identity works.

Now it is about removing Received: lines.
Tomorrow it is about Organization: or In-Reply-To: that someone will not
like and filter or maybe X-PGP-Fingerprint or usernames in From: fields.
How far will you go and where will you stop.

I'd suggest you stop already now.

	\Maex
Permalink | Reply |
headers
Manvendra | 3 Sep 2008 07:04
Picon
Gravatar

Re: Ditching the sending host

On Wed, Sep 3, 2008 at 10:20 AM, Werner Van Belle <werner <at> yellowcouch.org> wrote:
Probably I didn't explain the problem in sufficient detail. So the
problem is as follows:

a- one of our users at machine A connects to our server B and
authenticates with smtpauth over ssl.
b- server B receives the message and qmail will automatically add two
received lines listing IP A
c- qmail sends the message on its way
d- eventually target server C receives the message, reads the headers
and spamassassin throws away the mail because it came from IP A
You know a bit of shell scripting?
You can use QMAILQUEUE and qmail-qfilter to run a script which filters out the IP addresses before the mail reaches qmail-queue.
If you are game writing a script, i can help you offline.
Permalink | Reply |
headers
Manvendra Bhangui | 3 Sep 2008 07:36
Picon
Gravatar

Re: Ditching the sending host

On Wed, 2008-09-03 at 10:34 +0530, Manvendra wrote:

> 
> You can use QMAILQUEUE and qmail-qfilter to run a script which filters
> out the IP addresses before the mail reaches qmail-queue.
> If you are game writing a script, i can help you offline.

In, fact, you can have the SMTP rules file to have the script only run
for your Client A host. (I am assuming you have netqmail and hence the
QMAILQUEUE patch. The name of the shell script which filters out client
A's IP address from received lines is remove-ip-header)

How to use, with the QMAILQUEUE patch applied to qmail:

- Create a script containing an invocation of qmail-qfilter.  For
  example, a script that uses runs remove-ip-header
  would contain:
	#!/bin/sh
	exec /path/to/qmail-qfilter /path/to/remove-ip-header
  For this example let us name the above script qmail-ipfilter

- Set the environment variable QMAILQUEUE to the location of this
  script.  For example, in a SMTP rules files, put:
	A.B.C.D:allow,RELAYCLIENT="",QMAILQUEUE="/usr/local/bin/qmail-ipfilter"
  and rebuild the SMTP CDB file.

- You're all set!  In our example, all messages sent from the IP A.B.C.D
  will have their content filtered through qmail-ipfilter which will
  run the shell script remove-ip-header before the mail content reaches qmail-queue.
Permalink | Reply |

Gmane