Owen Mehegan wrote: > I'm running SA 3.0.2 with Postfix and a few SARE custom rule sets (with > weekly rules du jour updates).
FWIW, SA 3.0.2 is vulnerable to multiple DoS attacks. Unless you're using a distro port which has backported fixes, I'd strongly suggest an upgrade. At this time the only practical versions of official SA with no massive bugs or security holes are: 3.0.5, 3.1.0 and 3.1.1. AFAIK 2.64 is also safe from security holes, but it's too old to be practical. > This has been working amazingly well for > over a year, but lately a few things have been getting through, and with > unusually low scores. I'm attaching two here - if anyone would be > willing to run these through their rules and see how they score, it > would be much appreciated. Perhaps I just need some new rule sets, or > just to upgrade to the latest SA. > <snip> > -2.8 ALL_TRUSTED Did not pass through any untrusted hosts ALL_TRUSTED should *never* match outside email. Looks like your trusted_networks needs to be set manually. see http://wiki.apache.org/spamassassin/TrustPath The other alternative is it is mismatching due to a bug in the trust code that is fixed in 3.0.5 and higher.
