RW wrote: > I'm having a bit of trouble with Fastmail.fm and my trusted network. > > SA takes the first X-Spam-Relays-Untrusted header section as the > last-hop hand-off, and in this case it's seeing the internal > transaction from the MX server (mx2.messagingengine.com) to the first > internal server (compute1.internal), which is seeing the MX server's > private lan-side address. > > I don't see why SA is doing this, if it trusts one private hand-off > (compute1.internal -> store45m.internal) then why not trust previous > ones until it reaches a public IP address that isn't in the trusted > network. > Actually, the auto-guesser should be trusting all the private hand offs up until the first public. It also should trust the first public as wekk,
Unless, of course, you have a trusted_networks or internal_networks statement in your config.. At that point the auto-guesser is disabled. > > X-Spam-Relays-Untrusted: [ ip=10.202.2.201 rdns= > helo=mx2.messagingengine.com by=compute1.internal ident= envfrom= intl=0 id= > auth= msa=0 ] [ ip=65.54.246.170 rdns=bay0-omc2-s34.bay0.hotmail.com > helo=bay0-omc2-s34.bay0.hotmail.com by=mx2.messagingengine.com ident= > envfrom= intl=0 id=63792157 auth= msa=0 ] ... > > > X-Spam-X-Spam-Relays-Trusted: [ ip=10.202.2.41 rdns=compute1.internal > helo=compute1.internal by=store45m.internal ident= envfrom= intl=1 id= > auth=LMTPA msa=0 ] > > Are you sure you don't have a trusted_networks statement in your config anywhere?
