On the same topic... The SpamAssassin documentation doesn't describe this possibility, so this is why I ask the list for some clarification. I have a mix of private and public addresses on my network which can send email. I have the public addresses listed in trusted_networks like this:
trusted_networks 69.39.96.0/20 trusted_networks 12.149.230.0/24 trusted_networks 12.25.52.0/23 I'd like to add the private addresses we use too, but I'm not sure if that would open up to more spam. If I added 10.0.0.0/8 as a trusted network, I'm afraid it could let it spam sent from other organizations' private networks that relay through their normal public network mail servers or firewalls. Sort of like setting 192.168.0.0 might let in every infected computer's email behind simple home nat boxes. Which networks does trusted_networks apply to, as an internet path is really a whole bunch of networks? TIA, Jason On Thu, Jan 20, 2005 at 09:42:44AM -0500, Bowie Bailey wrote: > From: Martin Hepworth [mailto:[EMAIL PROTECTED] > > > > Craig Zeigler wrote: > > > > > I am getting very obvious spam through my SA filters. The only > > > thing I think is that the value for ALL_TRUSTED is pushing it > > > below the threshold. Where do I go to alter this test's effect on > > > the spam count? I have searched through all of the .cf files in > > > /usr/share/spamassassin and /etc/mail/spamassasin and can't figure > > > it out. > > > > > > using SA version 3.0.1 > > > > add the following line to /etc/mail/spamassassin/local.cf > > > > score ALL_TRUSTED 0.0 > > > > This will turn off that rule completely. > > True, but a better idea is to configure SA so that the trust path > works properly. > > Add some lines like the following to /etc/mail/spamassassin/local.cf > to specify the networks and mailservers you control. > > trusted_networks 192.168.1.10 > trusted_networks 172.16. > > You can add either networks, or single hosts. I prefer to add > networks so that I don't have to reconfigure if I add or move a > mailserver. > > These settings specify to SA which mailservers should be trusted. If > you don't specify, it has to guess, and it doesn't work well with > NATed networks. > > For more info: > > $ man Mail::SpamAssassin::Conf > > Bowie -- /* Jason Philbrook | Midcoast Internet Solutions - Internet Access, KB1IOJ | Hosting, and TCP-IP Networks for Midcoast Maine http://f64.nu/ | http://www.midcoast.com/ */
