Article

(View Disclaimer)

Product: GroupWise 7
Agent: GWIA
Third Party Product: Guinevere 3.4 and/or SpamAssassin 3.23 for anti-spam

Problem:

With open relays denied by default, I had problems with allowing internal servers relaying mail to our GroupWise Internet Agent. The GWIA logs would show parts of the conversation (the beginning and the end) with no errors, but mail was not getting through. This was discovered to be an issue with SpamAssassin. Our SpamAssassin happens to be integrated with Guinevere, though this solution should also work for a non-integrated SpamAssassin.

It seems like an odd message flow, but mail relayed to GWIA, be it an internal or external destination, comes in before going out. This makes it susceptible to spam scanning.

Because of the application that was doing the relaying, whitelisting was not an option since the sender and receiver could both vary. As a result, I had to create a custom rule that would allow me to specify the IP address of the sending server in SpamAssassin.

Solution:

To do this, you will edit your local.cf file. In Guinevere, the default location is in the \sarules\default\ folder. In SpamAssassin, the default is /etc/mail/spamassassin/. Add the following lines where you place your custom rules within the local.cf file:

header RULE_NAME Received=~ /\[serverIPaddr\]/
score RULE_NAME -99
describe RULE_NAME Allows relays from serverIPaddr

Of course, the 'serverIPaddr' part will be replaced with the IP address of the relaying server. Be sure to include the brackets and all other special characters shown. Also make sure that RULE_NAME is the same in all three places.

This rule will look in the Received= line of a header for the presence of the server's IP address enclosed in braces. If it finds it, a value of -99 will be applied to the spam score for this email (standard for SA's whitelisting).

Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).

It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.