Whitelist config for internal/external servers

#1
08-26-2008, 07:11 PM
Whitelist config for internal/external servers

Alle,

We are running SA V3.2.4 on RHEL5.1. We would like to whitelist mail
coming from inside our network. Spamassassin is located on our DMZ
servers. Users use the internal SMTP relay to send mail. The internal
domain is foo.ac.jp. The external domain is foo.org. (Don't ask). *All*
hostnames are *.foo.ac.jp, both internal and on the DMZ, but the DMZ
machines are only addressable by their foo.org addresses from the
outside. There are no rDNS entries for the internal servers for the DMZ
machines to query.
Is there any way of doing this without adding rDNS records in external DNS?

Best Regards,
Camron

--
Camron W. Fox
Hilo Office
High Performance Computing Group
Fujitsu America, INC.
E-mail: cwfox@us.fujitsu.com

#2
08-26-2008, 07:32 PM
Re: Whitelist config for internal/external servers

On Tue, 26 Aug 2008, Camron W. Fox wrote:

> We are running SA V3.2.4 on RHEL5.1.


How do messages get passed to SA for scoring?

The best way is to note the internal origination of the message and bypass
SA entirely. Exactly how that is done depends on your plumbing.

--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...people who insist that religion is required for morality remind
me of hoplophobes who insist that I be disarmed because _they're_
unsafe with a gun. -- MarkHB at munchkinwrangler's
-----------------------------------------------------------------------
2 days until Exercise Your Rights day

#3
08-26-2008, 09:39 PM
Re: Whitelist config for internal/external servers

On Tue, 26 Aug 2008, Camron W. Fox wrote:

> Alle,
>
> We are running SA V3.2.4 on RHEL5.1. We would like to whitelist mail
> coming from inside our network. Spamassassin is located on our DMZ servers.
> Users use the internal SMTP relay to send mail. The internal domain is
> foo.ac.jp. The external domain is foo.org. (Don't ask). *All* hostnames are
> *.foo.ac.jp, both internal and on the DMZ, but the DMZ machines are only
> addressable by their foo.org addresses from the outside. There are no rDNS
> entries for the internal servers for the DMZ machines to query.
> Is there any way of doing this without adding rDNS records in
> external DNS?


Your MTA should bypass SA if the message is from the "inside network".
That's how I have it set up here.

As it is, SA just scans what you feed it. Therefore, any further
fine tuning as to what gets scanned and what does not is solely made by
your MTA.

-d

#4
08-26-2008, 10:51 PM
Re: Whitelist config for internal/external servers

John Hardin wrote:
> On Tue, 26 Aug 2008, Camron W. Fox wrote:
>
>> We are running SA V3.2.4 on RHEL5.1.

>
> How do messages get passed to SA for scoring?
>
> The best way is to note the internal origination of the message and
> bypass SA entirely. Exactly how that is done depends on your plumbing.
>

John,

Postfix hands the messages off to SA with the content_filter option.

Best Regards,
Camron

#5
08-27-2008, 03:18 AM
Re: Whitelist config for internal/external servers

Camron W. Fox wrote:
> John Hardin wrote:
>> On Tue, 26 Aug 2008, Camron W. Fox wrote:
>>
>>> We are running SA V3.2.4 on RHEL5.1.

>>
>> How do messages get passed to SA for scoring?
>>
>> The best way is to note the internal origination of the message and
>> bypass SA entirely. Exactly how that is done depends on your plumbing.
>>

> John,
>
> Postfix hands the messages off to SA with the content_filter option.


You can bypass the filter for specific clients using the FILTER action.

smtpd_client_restrictions =
    check_client_access cidr:/etc/postfix/per_client_filter

== per_client_filter:
127.0.0.1/32 FILTER dummy:
....

If you need help with this, use the postfix-users list, as this is mostly OT
here.
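
Added example (not part of the thread and not Postfix code): a simplified Python model of first-match lookup in a cidr: table such as per_client_filter, which matches on the client IP address and so needs no rDNS, plus a check that every entry carrying the FILTER override lies inside networks you treat as internal. Only the 127.0.0.1/32 line comes from the post; the other table entries, the INTERNAL list and the function names are assumptions, and the table format's if/endif blocks and negated patterns are not modelled.

```python
import ipaddress

# Constructed sample in the style of the per_client_filter file above; only
# the 127.0.0.1/32 line comes from the post, the other entries are made up.
SAMPLE_TABLE = """\
# clients whose mail gets the FILTER override
127.0.0.1/32     FILTER dummy:
10.20.0.0/16     FILTER dummy:
198.51.100.0/24  FILTER dummy:
"""
# Assumption: the networks this site treats as "inside".
INTERNAL = ["127.0.0.0/8", "10.0.0.0/8"]

def parse_cidr_table(text):
    """Return [(network, action)] in file order; malformed patterns raise ValueError."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        if len(fields) != 2:
            raise ValueError(f"line {lineno}: pattern without a result")
        rules.append((ipaddress.ip_network(fields[0]), fields[1]))
    return rules

def lookup(rules, client_ip):
    """First matching rule wins; None means no override for this client."""
    addr = ipaddress.ip_address(client_ip)
    for net, action in rules:
        if addr in net:
            return action
    return None

def outside_internal(rules, internal=INTERNAL):
    """List FILTER rules whose network is not contained in any internal net."""
    inside = [ipaddress.ip_network(n) for n in internal]
    return [
        net for net, action in rules
        if action.upper().startswith("FILTER")
        and not any(net.version == i.version and net.subnet_of(i) for i in inside)
    ]

if __name__ == "__main__":
    rules = parse_cidr_table(SAMPLE_TABLE)
    for ip in ("10.20.5.9", "192.0.2.7"):
        print(ip, "->", lookup(rules, ip))
    print("review:", [str(n) for n in outside_internal(rules)])
```

Any network reported by outside_internal() is a range whose mail would skip scanning even though it is not on the internal list, so it deserves a second look before the table goes live.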
