From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
Chris wrote:
On Saturday 27 May 2006 4:33 pm, you wrote:
Any why did --lint work fine every
time in 3.1.0? Commenting out the internal_networks entry and
restarting SA, --lint shows no errorrs now, why?
We're continuously improving the config parser's ability to detect
configuration *logic* errors. SA 3.1.1 was the first to thoroughly test
the logically configuration of trusted and internal network settings, in
addition to the already present syntactical checking.
If I remember correctly I had setup
my trusted and internal networks the same as I had seen in a message
from JoAnne, I could be wrong though.
It's wrong, trust me. ;)
See http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4760 for a
whole lot of background and insight into this issue.
Like I said before, you need to use at least this (without an
internal_networks line):
trusted_networks 127/8 192.168/16
Additionally, if your MX knows it's public IP you need to add it to the
list of trusted_networks.
If you're using fetchmail to get your Earthlink mail and running it
through SA, you should also add all of the relays through Earthlink's
network (right up to and including their MXes) to your trusted_networks
too.
Daryl
Thanks Daryl. Yes, fetchmail picksup from EL, thru procmail which calls SA.
If I understand you correctly on my trusted_networks line I'll need the ips
for these:
type=MX> [5 mx1.earthlink.net., 5 mx2.earthlink.net., 5 mx3.earthlink.net.,
5 mx4.earthlink.net., 5 mx5.earthlink.net., 5 mx6.earthlink.net., 5
mx7.earthlink.net., 5 mx8.earthlink.net., 5 mx9.earthlink.net., 5
mxa.earthlink.net., 5 mxb.earthlink.net., 5 mxc.earthlink.net., 5
mxd.earthlink.net., 5 mxe.earthlink.net., 5 mxf.earthlink.net., 5
mxg.earthlink.net., 5 mxh.earthlink.net., 5 mxi.earthlink.net., 5
mxj.earthlink.net., 5 mxk.earthlink.net.]
Or am I still showing my ignorance here?
Yeah, you'll need those hosts' IPs along with any intermediate relays
such as the IP(s) of any POP3 servers your mail might go through.
trusted_networks 127/8 192.168/16 207.217.121/24 209.86.93/24
That works here on earlier versions nicely. And those on the right are
both the incoming pop servers and the outgoing smtp servers. The latter
are probably not needed but are non-destructive.
{^_^}
