At 03:45 PM 2/2/2005, Jim Maul wrote:
> If your localhost can be a spam relay, disable the ALL_TRUSTED rule by setting it's score to 0.
>
If your localhost can be a spam relay, fix the problem.
I assumed that the above was obvious.
Setting ALL_TRUSTED to 0 (while fixing the negative score for spam) is not really a solution. It merely masks the problem.
Not true.
I suggested the score 0 because it can be useful in two situations where they can use SA to help them fix the problem, or where the user cannot fix the problem as it is outside of their control
1) If you have untrusted users (ie: you are an ISP) setting the score to zero lets you detect internally sent spams by looking for locally originated emails with high scores. This approach does not mask the problem, instead it actually *unmasks* the problem by having the spam be identified when it would not be, and let's you quickly track down users in need of termination.
2) If the user is actually running SA inside a user account on an ISP shell account, there's not much he can do to "fix" the problem. Here, you may not want to effectively whitelist email from other users of the same ISP mailserver, but you still want to "trust" it's Received: headers so you can do proper whitelist_from_rcvd commands.
Ok, let me rephrase.
Setting ALL_TRUSTED to 0 (while fixing the negative score for spam) is
not really a PERMANENT solution. It is indeed useful in troubleshooting, but i wouldnt suggest to set it to 0 and call it fixed.
-Jim
