I'm afraid these email might be internal. Is there a way to "un" trust even if internal network? The user guide said trusted_networks should be "none" by default, but I think it is not. Is there a way to "un" trust 127.0.0.1?
Heh, what user guide said it was set to "none"? It would be impossible for it to ever be "none". You must have at least one trusted server, otherwise SA will be unable to decide what headers it should apply DUL RBLs to.
Unless explicitly set, trusted_networks it's set to "auto".
As far as "un trusting" 127.0.0.1, you REALLY do NOT want to do that because of the implications to whitelists, RBLs, and just about any other part of the code that examines Received: header.
If your localhost can be a spam relay, disable the ALL_TRUSTED rule by setting it's score to 0.
