On 2025-06-24 at 09:57:34 UTC-0400 (Tue, 24 Jun 2025 15:57:34 +0200) Benoit Panizzon <benoit.paniz...@imp.ch> is rumored to have said:
> Hi > >> X-Spam-Relays-Trusted: >> X-Spam-Relays-Untrusted: >> >> which return a nice array of key=value rdns= being the one of interest >> to me :-) > > While cheching some spam mails with debug enabled to see how those > two pseudo header get populated I noticed that I did not include ::1 and > 127. in the trusted_networks > > I reckoned: > > * a remote server would never have source ip localhost so the first > untrusted ip will always be a routable ip, right? > * Blacklist checking of localhost does not make sense > > So I guess adding ::1 and 127. to trusted_networks would be a sensible > thing to do by default. But the Manual does not recommend this. > > What is the recommendation? If and ONLY IF your mail system routinely adds a Received header using loopback addresses, you should include the loopback in trusted_networks. -- Bill Cole