This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: converted to 1.6 markup


In SpamAssassin 3.2.0 or later you can use the msa_networks option to list your MSAs. The syntax is identical to the trusted_networks option. Any mail submitted to a machine listed in msa_networks will be trusted (provided that all relays above/after the MSA relay are also trusted).

Wiki MarkupIn versions of [SpamAssassin] older than 3.2.0 you will either need to use one of the other options listed on this page or, if using 3.1, apply a \[ patch to add msa_networks\] to your install of [SpamAssassin].

I'm an ISP, and mails from our customers, using POP-before-SMTP for authentication, are hitting RCVD_IN_DYNABLOCK.


Update (2006-07-14): Postfix 2.3 includes support for adding its own style of authentication info to its received headers by setting smtpd_sasl_authenticated_header = yes, which is disabled by default, in your Postfix config. SpamAssassin 3.1.4 and later includes support for this Postfix auth info.

Wiki Markup\["madduck"\this patch]: This will not fix TLS-authenticated sessions. See \ [ this patch\] which munges the Received headers. \["DarylC.W.O'Shea"\]: This should work to avoid the Dynablock problem in this specific situation but isn't recommended since it destroys the audit trail provided by the Received headers.

Update (2008-06-20): Postfix 2.5+ includes native support RFC 3848 setting smtpd_sasl_authenticated_header is not needed but optional.