How to avoid SPAM filter for internal networks?

Discussion in 'Installation/Configuration' started by Jackouille-CH, Feb 9, 2017.

  1. Jackouille-CH

    Jackouille-CH New Member

    I have configured my internal networks ( and [fc00::]/7) on Email / Global Filters / Postfix Whitelist with sender and client but it doesn't help.
    Within I have the following entry:
    mynetworks = [::1]/128 [fc00::]/7

    But I still got internal mails classified as SPAMMY:
    Feb 9 08:49:01 mail1 amavis[10147]: (10147-09) Passed SPAMMY {RelayedTaggedInternal}, ORIGINATING LOCAL []:42202 <[email protected]> -> <[email protected]>, Queue-ID: 513471AAE, Message-ID: <[email protected]>, mail_id: MmiTJSiwN9HR, Hits: 4.788, size: 1168, queued_as: 86B8D1AB3, 222 ms

    Feb 9 08:50:05 mail1 amavis[10336]: (10336-08) Passed SPAMMY {RelayedTaggedInternal}, ORIGINATING LOCAL [fc00::200:31]:52522 <[email protected]> -> <[email protected]>, Queue-ID: BE06F1AAE, Message-ID: <[email protected]>, mail_id: HPVW7Bpv7vtN, Hits: 6.618, size: 854, queued_as: 4D65B1AB3, 542 ms

    My local servers are running IPv4 and IPv6.
  2. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    In a quick look at smtpd_sender_restrictions on a 3.1 server here, you would bypass amavis entirely (ie. spam/virus scanning) by either specifying your networks in mynetworks or by authenticating with sending. Are your users authenticating when they send mail? What is your smtpd_sender_restrictions set to? (run 'postconf smtpd_sender_restrictions') There are use cases for adding to mynetworks, but there are also reasons not to (ie. to help stop spam/virus mail from your customers) - I'd simply have users authenticate. If mynetworks/authentication isn't working to bypass amavis, you may have a configuration different than what ispconfig creates by default.
    Jackouille-CH likes this.
  3. Jackouille-CH

    Jackouille-CH New Member

    No mails are sent without authentication now from a PHP script.
    Here is the requested output:
    mail1:~# postconf smtpd_sender_restrictions
    smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/ , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/, check_sender_access regexp:/etc/postfix/
    What should I change?
  4. Jackouille-CH

    Jackouille-CH New Member

    Thanks for your help Jessie. I am now using PHPMailer in order to authenticate my mails and they are no more classified as SPAM.
    I was thinking that mynetworks were by default treated as Whitelist.
  5. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    Things don't quite add up here, in your original logs you had 'ORIGINATING LOCAL' so I think your mynetworks settings were working at that point, and my determination that doing so bypasses spam scanning may be wrong; looking at it today I think the difference is in dkim signing (check signatures vs. add signatures), does that sound correct @florian030 ?

    I suspect the difference/improvement in spam scanning is in the rules spamassassin applies, doing a much better job when it knows the sender is authenticated locally. You might look at TRUSTED_NETWORKS and/or INTERNAL_NETWORKS in spamassassin config and add your local hosts/networks where appropriate.
    Jackouille-CH likes this.
  6. Jackouille-CH

    Jackouille-CH New Member

    From my side this issue has been solved with mail authentication but working with DKIM is still an ongoing project.

Share This Page