final authority on forwarded email and spamassassin - SpamAssassin

This is a discussion on final authority on forwarded email and spamassassin - SpamAssassin ; Is there anything like a document or documents re: authority on forwarded email and spamassassin behavior, training, and tuning? Is it as simple as putting the forwarding mail server ip in the proper trust path and letting SA do the ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: final authority on forwarded email and spamassassin

  1. final authority on forwarded email and spamassassin

    Is there anything like a document or documents re: authority on forwarded
    email and spamassassin behavior, training, and tuning?

    Is it as simple as putting the forwarding mail server ip in the proper trust
    path and letting SA do the rest and tuning as necessary?

    Or based upon others vast experience should it be avoided?

    Im feeling déjàvu here.

    - rh


  2. Re: final authority on forwarded email and spamassassin

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.9 (NetBSD)

    iEYEARECAAYFAkjADTkACgkQ+vesoDJhHiUTSACfaPRZrM+dCl R044M/hDp9bqy2
    JNsAoJqQERhFaaYlrTXQjeGcqFBbLdPs
    =lPfG
    -----END PGP SIGNATURE-----

  3. Re: final authority on forwarded email and spamassassin

    RobertH wrote:
    > Is there anything like a document or documents re: authority on forwarded
    > email and spamassassin behavior, training, and tuning?
    >


    not clear what you mean

    > Is it as simple as putting the forwarding mail server ip in the proper trust
    > path and letting SA do the rest and tuning as necessary?


    if a server gets mail for your domain and then forwards it you, yes,
    you'll have to tune your trust path. make sure to read about
    trusted_networks, internal_networks and msa_networks.

    >
    > Or based upon others vast experience should it be avoided?
    >


    it is always easier to filter mail that you get directly. but this is
    not always possible/desirable.


  4. RE: final authority on forwarded email and spamassassin

    Mouss and Greg

    > In my experience the most important thing is to add the IP address of
    > systems that take mail from the internet and send it on to you to
    > trusted_networks. This will enable RBL checks on the previous-hop
    > addresses. I have added not only peer mail servers within my
    > organization but also some servers that catch mail to gdt@foo and
    > forward it to me, and a few mailing list servers that don't have
    > adequate spam filtering.
    >
    > After you've done that, take some spam and run "spamassassin -D -t"
    > and read the output for "X-Spam-Relays-Trusted".



    What I mean is external mail server with different email account and domain
    for me or others I can forward to main email address or addresses

    I would trust the server not to "originate" spam yet it doesn't relay for my
    servers or domains.

    It would just forward email to me from old email account(s)

    These would not be "free" email service addresses which I think would cause
    another round of issues with possible solution

    - rh


  5. Re: final authority on forwarded email and spamassassin

    RobertH wrote:
    > Mouss and Greg
    >
    >> In my experience the most important thing is to add the IP address of
    >> systems that take mail from the internet and send it on to you to
    >> trusted_networks. This will enable RBL checks on the previous-hop
    >> addresses. I have added not only peer mail servers within my
    >> organization but also some servers that catch mail to gdt@foo and
    >> forward it to me, and a few mailing list servers that don't have
    >> adequate spam filtering.
    >>
    >> After you've done that, take some spam and run "spamassassin -D -t"
    >> and read the output for "X-Spam-Relays-Trusted".

    >
    >
    > What I mean is external mail server with different email account and domain
    > for me or others I can forward to main email address or addresses
    >
    > I would trust the server not to "originate" spam yet it doesn't relay for my
    > servers or domains.
    >


    it does relay mail for you. the fact that it is not the mx of a domain
    you own doesn't matter.


    > It would just forward email to me from old email account(s)
    >
    > These would not be "free" email service addresses which I think would cause
    > another round of issues with possible solution
    >
    > - rh
    >



  6. RE: final authority on forwarded email and spamassassin

    Ok mouss lets try this

    I forward some email accounts of other domains I do not own with .forward
    files on those *nix boxen

    I have them forward to an email address I have in the abbacomm.net domain
    and of course we run spamassassin.

    They run spamassassin on their boxes too yet it does a poor admin job.

    Should I forward to my box or not and train those spammy emails or what?

    Or should I just pop3 from them and be done with it or?

    That is what I am talking about...

    - rh


  7. Re: final authority on forwarded email and spamassassin

    RobertH wrote:
    > Ok mouss lets try this
    >
    > I forward some email accounts of other domains I do not own with .forward
    > files on those *nix boxen
    >
    > I have them forward to an email address I have in the abbacomm.net domain
    > and of course we run spamassassin.
    >


    That's what I understood. I have similar accounts and I put the
    forwarding servers in my trusted_networks. You don't want to break SPF
    checking, AWL, ... etc. and you get the benefit of not checking them in
    dnsbl and the like.

    > They run spamassassin on their boxes too yet it does a poor admin job.
    >
    > Should I forward to my box or not and train those spammy emails or what?


    you want to filter these messages, so you need to run SA on them. and
    for better results, you need to train it.

    >
    > Or should I just pop3 from them and be done with it or?
    >


    It's up to you. I prefer forwarding.

    > That is what I am talking about...
    >



+ Reply to Thread