Roaming users getting flagged as spam on my server
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
The mail server is not on my local LAN, and all the primary users are roaming. They connect via TLS auth, which is required to make a sendmail connection to my server. I could whitelist all addresses in my domain, but then anyone spoofing my email wouldn't be seen as spam. How do I simply tell amavis-new and/or sendmail not to spam scan TLS authenticated users?
Thanks!
Last edited by tedcox; 04-16-2010 at 04:23 PM.
Reason: for clarity and readability
if you're using TLS to authenticate you should have the confidence that anything sent is not spam, and so not check it in the first place. However if it being seen as spam, then your spam engine is not configured correctly, so really you should make it work properly or other emails arriving into your system for local users are just as likely to be incorrectly filtered surely. There are plenty of ways to integrate these products can be linked together, so the subtlties of how to not use SA change a lot depending on how it's done. Often you'd only use it via procmail, so it would only apply to mail for your domain, which would implicitly cover your users sending email out.
Maybe my initial description was poor (or maybe I'm just not understanding your reply). My server, of course, receives email for my domain (incoming mail) without TLS auth. However, it required TLS Auth for outgoing messages. Ideally, I don't want to spam scan outgoing messages, but I do want all incoming messages scanned.
This has worked without a hitch for a number of years. I'm running CentOS, with amavis-milter configured in sendmail and clamav and spamassassin tied into amavis. I haven't changed any of that configuration in years. A recent update to clamav changed the permissions on all of the clamav files in /var. That broke amavis completely. I fixed the permissions (just some chown commands) and everything looks correct again except that suddenly I'm having this weird problem where my outgoing messages are being spam scanned. I assume I need to tweak a config variable either in sendmail or amavis, but the only thing I see is this line in amavisd.conf:
Quote:
# it is up to MTA to re-route mail from authenticated roaming users or
# from internal hosts to a dedicated TCP port (such as 10026) for filtering
$interface_policy{'10026'} = 'ORIGINATING';
I have no idea, though, how to make sendmail do this.
It looks to me like my problem is here. In amavisd.conf:
Quote:
$interface_policy{'10026'} = 'ORIGINATING';
$policy_bank{'ORIGINATING'} = { # mail supposedly originating from our users
originating => 1, # declare that mail was submitted by our smtp client
allow_disclaimers => 1, # enables disclaimer insertion if available
# notify administrator of locally originating malware
virus_admin_maps => ["virusalert\@$mydomain"],
spam_admin_maps => ["virusalert\@$mydomain"],
warnbadhsender => 1,
# forward to a smtpd service providing DKIM signing service
forward_method => 'smtp:[127.0.0.1]:10027',
# force MTA conversion to 7-bit (e.g. before DKIM signing)
smtpd_discard_ehlo_keywords => ['8BITMIME'],
bypass_spam_checks_maps => [1], # don't spam-check outgoing mail
bypass_banned_checks_maps => [1], # allow sending any file names and types
terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option
};
It looks to me like checks are bring bypassed for "originating" users. The problem seems to be in sendmail letting amavis know what users are "originating." Do I have that right?
The sendmail handoff to amavis looks like this in sendmail.mc:
Ok, so I think I solved my problem. I'm going to post the solution and explanation here in case someone else comes looking with a similar issue. First of all, by default, Amavisd only scans messages for local delivery (i.e. messages the server expects to deliver to it's own users) so it SHOULDN"T scan outgoing mail. As I suspected, there was a problem with identify what was outgoing mail. That problem appears to have been with this line:
At some point, mine had picked up a carriage return between -odd and -f. While this wasn't generating any errors, since correcting it, I've seen incoming mail get scanned, but outgoing mail leave without any hindrance by the spam filter.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.