-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Kevin Sullivan writes: > I've set the trusted networks manually: > > clear_trusted_networks > trusted_networks 127/8 > trusted_networks 205.201.9.33/32 > trusted_networks 10.30/16 > clear_internal_networks > internal_networks 127/8 205.201.9.33/32 10.30/16 > > But I still get *lots* of mail incorrectly triggering ALL_TRUSTED. I'm > running spamassassin from a milter. It looks like the milter runs before > sendmail adds its own Received: line, so much mail comes in with no > Received lines. And it looks like mail with no Received lines is > automatically tagged as "trusted". > > So, does this seem plausable? And can it be fixed? > > It seems like there have been many problems with the ALL_TRUSTED system > with 3.0. Is there a way to disable the whole thing? I know that I can > set ALL_TRUSTED to 0 points; will that also stop the side effects of > ALL_TRUSTED? first off, you've got to get the milter to at least *fake* a Received header; you're missing a load of spam signatures without that. setting ALL_TRUSTED to 0 will indeed disable that rule. but there is a large number of tests that also require the relay add a Received before the message is scanned (DNSBL tests, HELO string tests, rDNS tests, etc. etc.) You *really* want that Received line. - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Exmh CVS iD8DBQFBpMnHMJF5cimLx9ARAnzQAKCbovMRC1oOjEjyoZbptUZHLmLxmwCggqz6 FZwP3mTRNWsQ3muUEQnZGAg= =GioS -----END PGP SIGNATURE-----
