Someone, quite probably Jo Rhett, once wrote:
>Kevin Golding wrote:
>> FWIW I've run SpamAssassin on a bog-standard, normal, plain, old-
>> fashioned FreeBSD box sitting in a rack with a public IP, no NAT, no
>> patches, and no pixies or faeries. Auto-detection worked fine.
>
>Just for my reference "Worked fine" meaning "it never demonstrated a
>problem that I observed"
Yes.
>or do you mean "I tried testing it from dozens
>of systems and dozens of mail pathways and I have confirmed that it
>works right?"
Although not specifically tested in every possible scenario since I
never felt a need to - the traffic that box sees includes a wide range
of networks and configurations since it has users from across the
planet, most of whom get a non-trivial amount of global ham and spam.
In other words for the however many thousands of systems and pathways it
saw through natural traffic I've never seen a single piece of spam hit
ALL_TRUSTED, a single piece of ham hit ALL_TRUSTED except when expected,
nor have I seen problems typically attributed to auto-detect failing.
In theory there's a chance it has happened but other settings managed to
obliterate the spam so nobody ever whined at me and therefore I just
didn't get to see the broken config, but with casual observation of log
files, random watching of traffic and user feedback covering a non-
trivial organic sample of mail traffic; auto-detection worked for me.
In fact, I'm watching the logs to see how some new rules (0.01 - don't
panic) are working out in the real world just now so I'll run auto-
detection and watch for the next few minutes to see if anything gets
screwed up.
Summary: At this time of day the ham is largely UK based with Europe in
general in second place. Hong Kong seems to be the rest of the ham but
there may be a few offices I'm wrongly assuming are there. I just saw a
newsletter from Seattle but in truth most of the mail from that side of
the Atlantic is scoring 20+ while the zombies run riot in the night -
but then again the spam is coming from everywhere.
I've not seen a single ALL_TRUSTED as I'd expect. Lots of RBL hits
though - bit depressing really. No whitelist hits but I do try to avoid
them where possible (I didn't notice any mail which should hit the few
whitelist_from_* that I've resorted to), AWL seems to be working as
expected though. I can't think of the other ALL_TRUSTED problems off
the top of my head, sorry.
Oops, looks like one of my users actually got some spam delivered to
them which is a shame. It hit the following:
DEAR_SOMETHING,DK_POLICY_SIGNSOME,EXTRA_MPART_TYPE,HTML_MESSAGE,SARE_GIF
_ATTACH,SARE_UNSUB09,SARE_UNSUB24,SARE_UNSUB31,SARE_UNSUB38D,TVD_FW_GRAP
HIC_NAME_MID
To be honest I'm a bit lazy when it comes to rules for stuff like that.
Much as I like these things to score through the roof it's still high
enough to go in his spam folder.
Anyway, not conclusive but a fair range of traffic and no visible
problems. I'm just rambling to avoid real work if I'm honest. The
answer you're looking for is "no, I didn't do extensive and deliberate
testing. I say auto-detection works fine based just on general testing
of SA[1] and usage[2]"
[1] Read: I fed it random samples of mail and nothing went wrong
[2] Read: Even my users haven't complained about anything which points
to ALL_TRUSTED failing
Kevin,
who just realised this was a tad longer than originally planned
