I am reasonably sure that my trusted and internal network paths are correct. I base this on the fact that 1) all DNSRBL rules are being applied correctly, 2) SPF checks are working properly, and 3) I am under the illusion that I know what I am doing and can follow procedures in documentation most of the time.
Despite this, however, ALL_TRUSTED was still being hit constantly when it should not have. I don't see any reason why I should re-enable the rule. And frankly, judging by the number of other people who have also had problems with ALL_TRUSTED, I think it should just be disabled by default.
As I said, disable it as a last resort. You apparently did. Nowhere did I say *you* should re-enable it. I did, however, disagree with your recommendation that Jonathan should disable it.
The OP said nothing about having verified and set the trust path, and his server setup does appear to use a local IP, which means that there's a good chance that, *in his case*, the actual problem is not with the ALL_TRUSTED *rule* but with the *actual trust path*. In that case, disabling ALL_TRUSTED will not solve the real problem.
-- Kelson Vibber SpeedGate Communications <www.speed.net>
