I have configured my internal networks (10.41.1.0/24 and [fc00::]/7) on Email / Global Filters / Postfix Whitelist with sender and client but it doesn't help. Within main.cf I have the following entry: mynetworks = 127.0.0.0/8 10.41.0.0/16 [::1]/128 [fc00::]/7 But I still got internal mails classified as SPAMMY: Feb 9 08:49:01 mail1 amavis[10147]: (10147-09) Passed SPAMMY {RelayedTaggedInternal}, ORIGINATING LOCAL [10.41.1.233]:42202 <[email protected]> -> <[email protected]>, Queue-ID: 513471AAE, Message-ID: <[email protected]>, mail_id: MmiTJSiwN9HR, Hits: 4.788, size: 1168, queued_as: 86B8D1AB3, 222 ms Feb 9 08:50:05 mail1 amavis[10336]: (10336-08) Passed SPAMMY {RelayedTaggedInternal}, ORIGINATING LOCAL [fc00::200:31]:52522 <[email protected]> -> <[email protected]>, Queue-ID: BE06F1AAE, Message-ID: <[email protected]>, mail_id: HPVW7Bpv7vtN, Hits: 6.618, size: 854, queued_as: 4D65B1AB3, 542 ms My local servers are running IPv4 and IPv6.
In a quick look at smtpd_sender_restrictions on a 3.1 server here, you would bypass amavis entirely (ie. spam/virus scanning) by either specifying your networks in mynetworks or by authenticating with sending. Are your users authenticating when they send mail? What is your smtpd_sender_restrictions set to? (run 'postconf smtpd_sender_restrictions') There are use cases for adding to mynetworks, but there are also reasons not to (ie. to help stop spam/virus mail from your customers) - I'd simply have users authenticate. If mynetworks/authentication isn't working to bypass amavis, you may have a configuration different than what ispconfig creates by default.
No mails are sent without authentication now from a PHP script. Here is the requested output: mail1:~# postconf smtpd_sender_restrictions smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re What should I change?
Thanks for your help Jessie. I am now using PHPMailer in order to authenticate my mails and they are no more classified as SPAM. I was thinking that mynetworks were by default treated as Whitelist.
Things don't quite add up here, in your original logs you had 'ORIGINATING LOCAL' so I think your mynetworks settings were working at that point, and my determination that doing so bypasses spam scanning may be wrong; looking at it today I think the difference is in dkim signing (check signatures vs. add signatures), does that sound correct @florian030 ? I suspect the difference/improvement in spam scanning is in the rules spamassassin applies, doing a much better job when it knows the sender is authenticated locally. You might look at TRUSTED_NETWORKS and/or INTERNAL_NETWORKS in spamassassin config and add your local hosts/networks where appropriate.
From my side this issue has been solved with mail authentication but working with DKIM is still an ongoing project.
