Ben Wylie wrote: > As i understand it, in trusted networks you want to have any ip or ip range > that you trust to be reporting correctly the details of the server from which > it received the email. > > If this is the case, presumably it is good to have the main service provider > servers in this list. > > So if i know that Yahoo always correctly report the ip of the person they > receive the email from, i want to trust yahoo servers. > > Have i understood this correctly? > Yes, however there's another stipulation.. By default, if undeclared, internal_networks will copy the values of trusted_networks.
You do NOT under ANY condition want another ISP's mailservers to be internal. Thus, if you expand trusted_networks to include outside ISPs, you must declare internal_networks. Generally speaking, you're best off with just configuring trusted_networks to contain your mailservers, and nobody elses. After all, consider that if an email has only been touched by trusted hosts, ALL_TRUSTED will fire and subtract 1.8 points off the score. I may trust yahoo to report IPs correctly. However, I don't trust their users at all. I'd not apply trusted_networks to yahoo's severs for this reason. > If so, is there a list somewhere of large email service providers which are > reliably going to report the ip they receive an email from, along with their > various server ip addresses or ip ranges? >
