How to recognise messages from local network or authenticated connections

I am running sendmail with procmail, which feeds the messages to
spamassassin. I do not want to run local or messages from
authenticated connections through spamassassin. What is the best way
of recognising these headers in procmail? At the moment I'm using the
"Received: from " header, but there are a lot of different permutations
and combinations of these and the procmail rules seem to require the
name of every sending computer on the local network.

Is there a straightforward way of doing this?

Re: How to recognise messages from local network or authenticated connections

Robert S wrote:
> I am running sendmail with procmail, which feeds the messages to
> spamassassin. I do not want to run local or messages from
> authenticated connections through spamassassin. What is the best way
> of recognising these headers in procmail? At the moment I'm using the
> "Received: from " header, but there are a lot of different permutations
> and combinations of these and the procmail rules seem to require the
> name of every sending computer on the local network.
>
> Is there a straightforward way of doing this?

If you can, use a milter. Then you could write rulesets that set a
macro and check for the macro in the milter.

Or you can use milter-rrres and control the milters directly from
sendmail. Thats how I use it.

http://www.jmaimon.com/sendmail/#milter-rrres.v15

Re: How to recognise messages from local network or authenticated connections

In article <1165662859.872638.61120@l12g2000cwl.googlegroups.com>,
"Robert S" wrote:

> I am running sendmail with procmail, which feeds the messages to
> spamassassin. I do not want to run local or messages from
> authenticated connections through spamassassin. What is the best way
> of recognising these headers in procmail? At the moment I'm using the
> "Received: from " header, but there are a lot of different permutations
> and combinations of these and the procmail rules seem to require the
> name of every sending computer on the local network.
>
> Is there a straightforward way of doing this?

How wedded are you to procmail?

I do some similar things by hooking SA in via the MIMEDefang milter
instead, which is also a bit easier on a system than forking a new
procmail process for each delivery. If you're trying to spare your
system some load by not scanning local mail, you may find that just
switching to a milter instead of procmail does the trick.

If you're concerned about the risk of marking your local users' mail as
spam, that should be easily overcome with suitable configuration of
SpamAssassin. The positive side of running your local mail from trusted
sources through a properly configured SA is that you can have it
auto-learn that mail as non-spam and reduce the chances of SA marking
responses to it as spam.

--
Now where did I hide that website...

Re: How to recognise messages from local network or authenticated connections

I run two small networks. I don't think its worth the hassle of
installing MIMEDefang or a milter. At the moment the following works:

## Filter everything for spam if user has set up Spam folder
:0fw: spamassassin.lock
* < 256000
* ! Received: from (mypc1|mypc2|mypc3).*
| /usr/bin/spamc

I realise that its a clumsy solution.

Re: How to recognise messages from local network or authenticated connections

Robert S wrote:
> I run two small networks. I don't think its worth the hassle of
> installing MIMEDefang or a milter. At the moment the following works:

Mimedefang is a milter.

And on a debian system, installing the milter is basically these steps

apt-get install spamass-milter
add a line into sendmail.mc
execute make in the /etc/mail directory
restart sendmail

>
> ## Filter everything for spam if user has set up Spam folder
> :0fw: spamassassin.lock
> * < 256000
> * ! Received: from (mypc1|mypc2|mypc3).*
> | /usr/bin/spamc
>
> I realise that its a clumsy solution.

Which is why you posted here and received other sendmail-centric
solutions (this is a sendmail newsgroup).

Re: How to recognise messages from local network or authenticated connections

I realise that MIMEDefang is a milter.

I posted this question to the sendmail NG because sendmail writes the
headers in the message and the procmail rule would need to know about
the syntax of these headers. Maybe I should post this to the procmail
NG - though I note that there hasn't been a lot of activity on this
group.