M. Lewis a écrit :
Maybe we should qualify that a little bit more Mouss, "maybe SA should not set ALL_TRUSTED if fetchmail is used and the upstream server is using qmail".
my ISP uses qmail, but provides correct Received headers. so it shouldn't be related to qmail. I think it should be like this:
- if it finds a header that doesn't contain the "client" IP - if this is just after a fetchmail header then don't set ALL_TRUSTED.
Either way, I have not been able (yet) to find a setting whereby mail.lizardhill.com is not trusted.
trusted here means it doesn't forge Received headers. now one can say that generating buggy ones is no different for our practical purpose!
