Just had a spam arrive that was given a -3.3 score for "ALL_TRUSTED". Funny thing is that my local.cf contains the following:
# we trust our local network # removed: sa never used for internal originating spam. clear_trusted_networks #trusted_networks 143.210. #internal_networks 143.210.
because I commented the lines out a couple of months or more ago. SA is only run (using exiscan) for messages coming in to our network from external hosts, so it should never fire on this rule as far as I can see.
If no networks are declared trusted, SA will attempt to auto-detect.
You can't, and don't want, to have no trusted hosts at all. That condition would break lots of things, including whitelist_from_rcvd.
