Disable SPF for policy bank

Klaus Vink Slott list-s at vink-slott.dk
Sun Oct 4 18:30:00 CEST 2015


On 04-10-2015 kl. 12:39 I wrote:
> In my setup we scan both incoming and outgoing mail (trying to catch
> accounts which has fell victim to phishing fraud). When mails from
> inside is checked policy banks is correctly loaded
> 
> loaded policy bank "MYNETS" over "ORIGINATING"
> 
> but I still get SPF fail.
> 
> If there a setting available I can use in the policy bank?

Sorry, my message came out a bit short.

My problem is that I use a relay host installed at a hosting provider
for outgoing mail. The Amavis instance (with SPF filter) is running on
that hosted machine. So when I send mail from "inside" trough the relay
host, then amavis/SPF sees the message as coming from a unknown ip
address and it will subsequently fail SPF test - based on my own SPF record.
I could add all my inside servers to the SPF record - but I dont find
that convenient.

As "inside" mail enters Amavis using a controlled path which ensures
that the ORIGINATING policy bank is loaded. I was sort of hoping that I
could add something like

bypass_spf_checks => 1,

to ORIGINATING policy bank. But I have not found a setup option like that.

Is there a way to disable SPF check when a specific policy bank is
loaded or am I following the wrong path here?

-- 
Regards
Klaus



More information about the amavis-users mailing list