On 5 Nov 2018, at 20:04, RW wrote:
On Mon, 05 Nov 2018 23:37:59 +0100
Benny Pedersen wrote:
https://en.wikipedia.org/wiki/Private_network
why are this network not default internal_networks trusted_networks
msa_networks
They are if you let SA guess your networks. If you specify the
networks
manually you have to specify everything
And the reason for that is simply that not everyone trusts all of the
machines on reachable RFC1918 networks. For example, I worked for some
years at a multinational where 10/8 was allocated globally and was
routed globally. I had a list of specific non-local machines I was
supposed to trust for outbound relay (and use when my outbounds couldn't
use the local external link) but there was no way I could also trust the
tens of thousands of other 10.* machines around the world that could
very well be compromised personal desktops. I didn't even trust my own
local personal desktops.
