[Esa-l] Special handling of local mail [was: Help with hybris getting thru filters]

John D. Hardin jhardin at impsec.org
Sat Jun 9 22:54:11 PDT 2001

On Fri, 8 Jun 2001, Tommy Lindqvist wrote:

> Actually, this may not work in all cases.. 
> If you are using a proxy-based firewall like TIS or Gauntlet,
> The firewall puts its own received on the mail before it reaches
> your mailserver.


> This is how it looks for us.  We have
> Internet ---> Gauntlet FW ---> Mailserver v Filter
> Received: from outsidefw.space.se (insidefw [10.112.XXX.XXX])
> 	by mailserver.space.se (8.8.8+Sun/8.8.8) with ESMTP id EAA07292
> 	for <tommy.lindqvist at space.se>; Fri, 8 Jun 2001 04:11:12 +0200 (MET DST)


* ^Received: from [a-z0-9\.]+ \([a-z0-9\.]\.space\.se 
\[10\.112\.[0-9]+\.[0-9]+\]\) by mailserver\.space\.se
* ! ^Received: from outsidefw\.space\.se
   MANGLE_EXTENSIONS='looser list'

Assuming, of course, that your internal mail does not go via the SMTP

Note that whether or not your domain goes within the parens on the
Received line depends on your local setup. The mail server may or may
not get FQDNs for the internal host.

