I have been having a bit of trouble with one particular spam issue and it stems from having whitelisted various addresses.
I have domains on two hM5 boxes (mx01 and mx02); half on each. The domains which are primary on mx01 have mx02 as a backup mx (and vice versa). On mx01 there is a TCP/IP route for mx02 (and vice versa) which has AntiSpam disabled - ie I trust ALL mail from each box destined for the other box.
I have various AntiSpam measures enabled in hMailServer and use andyp's Automatic whitelisting script on both boxes.
Lots of the users on each box have connections (business relationships, friends, etc) with users on the other and so send each other mail. Consequently there are mailboxes on mx01 with addresses which are whitelisted on mx02.
Suppose domain.tld is hosted on mx01 and mx02 is a backup mx for domain.tld. If mx02 receives a spam addressed TO AND FROM
user@domain.tld it doesn't do AntiSpam checks for it because the FROM address is in the white list on mx02. The spam is delivered and doesn't get checked by mx01 when relayed to it because of the TCP/IP range with AntiSpam disabled.
In order to get around this I have now modified the script to stop it adding addresses for domains for which 'Routes' exist and deleted all addresses from the whitelist for these domains.
Mail which is sent by a user via mx02 to a user which exists in a domain which is primary on mx01 is still delivered as normal without AntiSpam checks as a result of the TCP/IP range on mx01. (Obviously the same is true in the other direction). So these users do not suffer the greylisting delay as a result of my having removed their whitelisting entries.
The script modification seems to be working OK, I'd be grateful if anyone can see any errors I've missed that might rear their heads under certain circumstances I've not foreseen.
Basically the script now treats domains that are 'Routes' as if they were local (using the function andyp already included), IF the domain is flagged as 'Treat this route as a local domain' in the route settings.
The modifications are as follows:
Inserted within the Const block in EventHandlers.vbs (to allow easy switching on and off of the feature):
Code: Select all
Public Const treat_mx_backup_domains_as_local = 1
Inserted in EventHandlers.vbs in the is_local_domain function at the end of the 'If domain_buffer = "" Then' block:
Code: Select all
Set objRoutes = obapp.Settings.Routes
If treat_mx_backup_domains_as_local Then
For i = 0 to objRoutes.Count - 1
If objRoutes.Item(i).TreatSecurityAsLocalDomain Then
domain_buffer = domain_buffer & "#" & objRoutes.Item(i).DomainName
End If
Next
End If