On 2021-04-19 15:46, Bill Cole wrote:
On 19 Apr 2021, at 9:26, Matus UHLAR - fantomas wrote:
On 19 Apr 2021, at 8:42, Simon Wilson wrote:
Yes, my trusted_networks, internal_networks and msa_networks are all
set correctly... I had a long discussion with this mailing list on
the subject last year and got excellent help on resolving that! :)
On 19.04.21 09:17, Bill Cole wrote:
Then the most direct tactic would be to modify KAM_DMARC_REJECT to
not hit if ALL_TRUSTED is hit.
that would cause problems if you set up trusted_servers to any foreign
server
you trust not to fake headers.
A valid point.
That raises the question of why we don't have an ALL_INTERNAL rule.
ALL_INTERNAL untrusted ... :=)
its simply not needed, else it would have being a bug in spamassassin
2.6.4
i just repeat, make the trusted_network for ALL maintained wan ips
but dont do this if you have no root access to other mailservers
hopefully this is clear now
