On 21.04.21 00:11, RW wrote: >Anything that enters through through the remote trusted network and >hits ALL_TRUSTED will almost certainly pass whatever authentication >mechanism are set-up for the domain. > >The difference between ALL_TRUSTED and ALL_INTERNAL will likely be >small. There are minor advantages either way.
the diference would be, ALL_TRUSTED covers mail from trusted, but not internal hosts, that are trusted not to fake headers, but still may send spam.
On 22.04.21 00:07, RW wrote:
Unless a dynamic pool has been put into the trusted network,
...which is quite common at ISPs
this is about authenticated relays. Spammers gain access to third-party accounts to pass authentication tests - not to spam with a random domain that will fail such tests.
still, authenticated mail is outgoing mail, not incoming mail, and you should not expect it to be DKIM-signed, you have to dkim-sign it. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. "Where do you want to go to die?" [Microsoft]
