On Sun, 12 Jul 2009 00:46:34 +0300 (EEST) "Jari Fredriksson" <ja...@iki.fi> wrote:
> > > > So is there a way to configure that ALL DNS tests just use the last > > external > > ip address (or at least NOT the first one?). Because to me it > > doesn't make any sense to test the ip people use to deliver > > messages to their smarthost and it produces quite a few false > > positives on my system... > > > > It is supposed to work just that way, the trusted_networks tells what > is kept outside the evaluation. The first IP beyond that is the one > to blame. > > Strange.. It's not strange, it's simply that you share the same misconception as the OP. Many of these RBLs are commonly used for outright rejection at the SMTP level. Spamassassin looks deeper into the headers, but scores them appropriately. RCVD_IN_NJABL_PROXY only scored 1.6, the same email also hit MIME_QP_LONG_LINE scoring 1.4, which in my experience is a far more common FP. The important thing is that despite FP'ing on two separate rules, the email still ended-up with a negative score. This is why we have a scoring system, and not a set of poison-pill rules.
