Could it be verified that the corpora being submitted for the weekly Network Mass-Checks are coming from systems with correctly configured trusted_networks and internal_networks? It's important for some of the rules, and verifying it works seems inconvenient enough that it might have been skipped, and I could see mail server setups changing over time making old values invalid.
Verification that it's working isn't very straightforward, as far as I can tell. You can add to your configuration:

    add_header all RelaysUntrusted _RELAYSUNTRUSTED_

And then make sure that in the resulting X-Spam-RelaysUntrusted headers the first IP listed *is* the sending IP, and not an internal relay or proxy or something. For example:

    X-Spam-RelaysUntrusted: [ ip=74.125.82.173 rdns=mail-wy0-f173.google.com helo=mail-wy0-f173.google.com by=panic.chaosreigns.com ident= envfrom= intl=0 id= auth= msa=0 ]

    Received: from mail-wy0-f173.google.com (mail-wy0-f173.google.com [74.125.82.173]) by panic.chaosreigns.com (Postfix) with ESMTP for <dar...@chaosreigns.com>; Sun, 17 Oct 2010 16:47:52 -0400 (EDT)

The IP 74.125.82.173 from the X-Spam-RelaysUntrusted header matches the Received header from the last untrusted relay.

-- 
"Let's just say that if complete and utter chaos was lightning, then he'd be the sort to stand on a hilltop in a thunderstorm wearing wet copper armour and shouting 'All gods are bastards'." - The Color of Magic
http://www.ChaosReigns.com
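
The manual comparison described in the message above can be scripted over a corpus. The following is an added example, not part of the original post and not SpamAssassin code. The names check_boundary, first_untrusted and own_mx are hypothetical, and the Received matching assumes the Postfix-style layout quoted in the post.

```python
import email
import ipaddress
import re

# Constructed sample: the two headers quoted in the post, plus a stub body.
SAMPLE = (
    "X-Spam-RelaysUntrusted: [ ip=74.125.82.173 rdns=mail-wy0-f173.google.com"
    " helo=mail-wy0-f173.google.com by=panic.chaosreigns.com ident= envfrom="
    " intl=0 id= auth= msa=0 ]\n"
    "Received: from mail-wy0-f173.google.com (mail-wy0-f173.google.com"
    " [74.125.82.173]) by panic.chaosreigns.com (Postfix) with ESMTP;"
    " Sun, 17 Oct 2010 16:47:52 -0400 (EDT)\n"
    "Subject: constructed\n\nbody\n"
)

def first_untrusted(msg):
    """Fields of the first [ ... ] block in X-Spam-RelaysUntrusted, or None."""
    block = re.search(r"\[([^\]]*)\]", msg.get("X-Spam-RelaysUntrusted", ""))
    return dict(re.findall(r"(\w+)=(\S*)", block.group(1))) if block else None

def check_boundary(raw, own_mx):
    """Return a list of problems; an empty list means the boundary looks right.

    own_mx (hypothetical parameter): lowercase hostnames of the servers that
    accept mail from the internet for this site.
    """
    msg = email.message_from_string(raw)
    relay = first_untrusted(msg)
    if relay is None:
        return ["no relay block in X-Spam-RelaysUntrusted"]
    problems = []
    try:
        if not ipaddress.ip_address(relay.get("ip", "")).is_global:
            problems.append(f"first untrusted relay {relay['ip']} is not public")
    except ValueError:
        problems.append("first untrusted relay has no parsable ip= field")
    by = relay.get("by", "").lower()
    if by not in own_mx:
        problems.append(f"handoff was recorded by {by!r}, not one of own_mx")
    # The Received line stamped by that host must name the same peer IP.
    # Assumes the Postfix-style "[ip]) by host" layout shown in the post.
    stamped = [m.group(1) for r in msg.get_all("Received", [])
               if (m := re.search(r"\[([0-9A-Fa-f:.]+)\]\)\s+by\s+" + re.escape(by),
                                  " ".join(r.split()), re.I))]
    if relay.get("ip") not in stamped:
        problems.append(f"no Received line by {by!r} carries ip {relay.get('ip')}")
    return problems

if __name__ == "__main__":
    print(check_boundary(SAMPLE, {"panic.chaosreigns.com"}) or "boundary looks right")
```

A message whose first untrusted relay is a private address, or whose handoff was recorded by a host outside own_mx, indicates that trusted_networks or internal_networks no longer matches the mail path.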