An internal sender who was being smart hosted from exchange into a centralized sendmail machine running spam assassin was having their mail rejected as spam.  They had upgraded their internet connection about 3-4 months ago and as such acquired a new set of IP addresses.  In the spam assassin config file, local.cf contains either trusted_networks or internal_networks.  You have to remember to modify these any time one of your relays changes their IP address.  These config lines tell spam assassin who is internal or trusted and who is not.  If you don't add them then clients run the risk of having false positives when trying to send mail.  
You will already be on the server anyway to modify sendmail's configs so just make this part of your mental checklist. Syntax below:
trusted_networks single.ip.address or ip.address.range/CIDR
A less used feature would be the exclusion, so trusted_networks !10.10.10.1 10.10.10.0/24 would trust that entire class C expept for 10.1
No comments:
Post a Comment