Hi, when further investigating my issue that ALL_TRUSTED is always true I came along the following lines when debugging SA:
Apr 15 11:44:43.211 mail /usr/sbin/amavisd-new[9991]: (09991-02) SA dbg: received-header: parsed as [ ip=172.20.12.10 rdns=relay-in helo=mail2 by=mail01 ident= envfrom= intl=0 id= auth= msa=0 ] Apr 15 11:44:43.212 mail /usr/sbin/amavisd-new[9991]: (09991-02) SA dbg: netset: trusted_networks lookup on 172.20.12.10, 5 networks, result: 1, 0.617 ms Apr 15 11:44:43.212 mail /usr/sbin/amavisd-new[9991]: (09991-02) SA dbg: netset: internal_networks lookup on 172.20.12.10, 5 networks, result: 1, 0.204 ms Apr 15 11:44:43.212 mail /usr/sbin/amavisd-new[9991]: (09991-02) SA dbg: received-header: relay 172.20.12.10 trusted? yes internal? yes msa? no Apr 15 11:44:43.212 mail /usr/sbin/amavisd-new[9991]: (09991-02) SA dbg: received-header: parsed as [ ip=195.245.231.135 rdns=mail6.bemta5.messagelabs.com helo=mail6.bemta5.messagelabs.com by=mail2 ident= envfrom= intl=0 id=0CC1B30E auth= msa=0 ] Apr 15 11:44:43.213 mail /usr/sbin/amavisd-new[9991]: (09991-02) SA dbg: netset: trusted_networks lookup on 195.245.231.135, 5 networks, result: 0, 0.204 ms Apr 15 11:44:43.213 mail /usr/sbin/amavisd-new[9991]: (09991-02) SA dbg: received-header: originating, 195.245.231.135 and remaining relays will be considered trusted, but no longer internal Apr 15 11:44:43.213 mail /usr/sbin/amavisd-new[9991]: (09991-02) SA dbg: received-header: relay 195.245.231.135 trusted? yes internal? no msa? no Apr 15 11:44:43.216 mail /usr/sbin/amavisd-new[9991]: (09991-02) SA dbg: received-header: parsed as [ ip=85.158.139.35 rdns= helo= by=server-4.bemta-5.messagelabs.com ident= envfrom= intl=0 id=B6/BA-18387-A08B0175 auth= msa=0 ] Apr 15 11:44:43.216 mail /usr/sbin/amavisd-new[9991]: (09991-02) SA dbg: received-header: relay 85.158.139.35 trusted? yes internal? no msa? no So SA correctly identifies an relay as external but still trusts the whole path. Why? Thanky you
