Jari Fredriksson wrote:
I tried with this:
---------(local.cf)-----------
internal_networks 10.0.0.0/8
trusted_networks 10.0.0.0/8 127.0.0.1
trusted_networks 212.16.98.0/24 212.16.100.0/24 62.142.0.0/16 195.197.172.98
trusted_networks 195.74.0.0/16 213.192.189.2/24 217.30.188.0/24 65.54.0.0/16
trusted_networks 83.145.211.136 217.30.180.104
trusted_networks 64.233.183.0/24 209.85.199.0/24 72.14.247.27/24 64.233.163.27
trusted_networks 213.157.94.92
------------------------------
Here, internal is a subset of trusted, is that how it should go?
$ spamassassin -D --lint
[7594] warn: netset: cannot include 127.0.0.1/32 as it has already been included
[7594] warn: netset: cannot include 10.0.0.0/8 as it has already been included
It looks like SA itself configured the trusted.
I know that you should not include 127.0.0.1 since it is always there by
default (if you can't trust your own server, you have bigger problems
than the SA config), but I'm not sure where the error for 10.0.0.0/8
came from. That one should not be trusted by default as far as I know.
--
Bowie
