Philip Mak wrote: > I've been getting a lot of spam lately ever since I moved my mail > server to a new system. Here's one of the false negatives that slipped > through, for example: > > X-Spam-Status: No, score=-2.1 required=5.0 tests=ALL_TRUSTED,BAYES_50, > > NO_REAL_NAME,RCVD_BY_IP,YOUR_INCOME autolearn=ham version=3.0.3 > > X-Spam-Summary: 0.0 NO_REAL_NAME From: does not include a real > name > 0.1 RCVD_BY_IP Received by mail server with no name > > -3.3 ALL_TRUSTED Did not pass through any untrusted hosts > > 1.1 YOUR_INCOME BODY: Doing something with my income > > 0.0 BAYES_50 BODY: Bayesian spam probability is 40 to > 60% > [score: 0.5000] > > Why does ALL_TRUSTED have a score of -3.3? Doesn't this mean that any > spammer who connects directly to my mail server has a good chance of > getting past SpamAssassin?
That should not happen on a properly working SA setup. Odds are very good you've got a NATed mailserver, resulting in the Trust Path gueser to fail. You'll have to declare trusted_networks manually to fix it. http://wiki.apache.org/spamassassin/TrustPath
