Does Scalix Locally Forward All Mail?
Posted: Tue May 08, 2007 2:35 pm
OK, here's a problem I am hitting up against.
I am running spamassassin (SA) with spamass-milter (SM). SM has this setting, where if you include a -b somemail@mymail.com, then anything marked spam will be directed right to this email box, instead of to your user's mailbox. Very nice. However, we still do like to reject flagrant spam, so the -r 15 switch does well. Until we get a message that is 15+, then the message gets sent to your spambucket (somemail@mymail.com), but upon sending, it gets scanned again, so another positive, that must be fwd'd to the spambucket, but that causes ANOTHER scan...etc.etc.etc. Thankfully, sendmail's MAX_HOP count is only 5 or 10, so you get 5 or 10 of these then it stops.
In SM you can add a -i (for ignore), so you can say -i 127.0.0.1 which means, don't scan messages that are being sent to the local box by the local box. When I implemented the -i setting, ALL mail stopped being scanned. Even flagrant violations were being sent right on. Which makes me wonder, does Scalix take in a message, take it apart, score it, then send it to where it has to go, saying it came from 127.0.0.1?? Here are 2 lines from my maillog:
May 8 14:04:21 qmail spamd[20784]: spamd: identified spam (17.9/5.0) for root:99 in 0.7 seconds, 4462 bytes.
May 8 14:04:21 qmail spamd[20784]: spamd: result: Y 17 - DNS_FROM_RFC_ABUSE,DNS_FROM_RFC_POST,FORGED_MUA_OUTLOOK,FROM_EXCESS_BASE64,HTML_FONT_BIG,HTML_MESSAGE,INVALID_MSGID,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_SC_SURBL scantime=0.7,size=4462,user=root,uid=99,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=35547,mid=<3590.12971178647460.mail.somewhere.com>,autolearn=no
It sure looks this way!! the raddr=127.0.0.1 seems to imply that the msg is being sent from the local machine. Can someone at Scalix comment?? I would like to find a way around this.
Thanks.
I am running spamassassin (SA) with spamass-milter (SM). SM has this setting, where if you include a -b somemail@mymail.com, then anything marked spam will be directed right to this email box, instead of to your user's mailbox. Very nice. However, we still do like to reject flagrant spam, so the -r 15 switch does well. Until we get a message that is 15+, then the message gets sent to your spambucket (somemail@mymail.com), but upon sending, it gets scanned again, so another positive, that must be fwd'd to the spambucket, but that causes ANOTHER scan...etc.etc.etc. Thankfully, sendmail's MAX_HOP count is only 5 or 10, so you get 5 or 10 of these then it stops.
In SM you can add a -i (for ignore), so you can say -i 127.0.0.1 which means, don't scan messages that are being sent to the local box by the local box. When I implemented the -i setting, ALL mail stopped being scanned. Even flagrant violations were being sent right on. Which makes me wonder, does Scalix take in a message, take it apart, score it, then send it to where it has to go, saying it came from 127.0.0.1?? Here are 2 lines from my maillog:
May 8 14:04:21 qmail spamd[20784]: spamd: identified spam (17.9/5.0) for root:99 in 0.7 seconds, 4462 bytes.
May 8 14:04:21 qmail spamd[20784]: spamd: result: Y 17 - DNS_FROM_RFC_ABUSE,DNS_FROM_RFC_POST,FORGED_MUA_OUTLOOK,FROM_EXCESS_BASE64,HTML_FONT_BIG,HTML_MESSAGE,INVALID_MSGID,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_SC_SURBL scantime=0.7,size=4462,user=root,uid=99,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=35547,mid=<3590.12971178647460.mail.somewhere.com>,autolearn=no
It sure looks this way!! the raddr=127.0.0.1 seems to imply that the msg is being sent from the local machine. Can someone at Scalix comment?? I would like to find a way around this.
Thanks.