I did also test the TRUSTED_NETWORKS option as well (note: I tried
"trusted" and "internal" network options before resorting to this
maillist for advice).
It results in:
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mailserver
X-Spam-Level:
X-Spam-Status: No, score=-1.0 required=3.0 tests=ALL_TRUSTED,HTML_MESSAGE
autolearn=unavailable autolearn_force=no version=3.4.0
X-Spam-Report:
* -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
* 0.0 HTML_MESSAGE BODY: HTML included in message
*
X-Spam-Relays-Untrusted:
X-Spam-Relays-External:
X-hMailServer-ExternalAccount: POPdaily
Return-Path: <char...@xxxxxxxxxxidlan.net>
Received: from mailin3.myhost.net (mailin3.myhost.net [195.26.90.113])
(authenticated
user=sylves...@mydomain.net bits=0) by ms7.myhost.net (Cyrus
v2.4.16-Kolab-2.4.16-1.el6)
with LMTPSA (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384
bits=256/256
verify=YES); Tue, 07 Jun 2016 13:31:04 +0100
X-Sieve: CMU Sieve 2.4
Received: from mailsub2.myhost.net ([195.26.90.72]) by
mailin3.myhost.net with
esmtps (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.85)
(envelope-from <char...@xxxxxxxxxxidlan.net>)
id 1bAG9w-0001Sw-2s for sylves...@mydomain.net; Tue, 07 Jun 2016 13:31:04
+0100
Received: from [2.25.50.35] (helo=[192.168.1.249]) by
mailsub2.myhost.net with
esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.85) (envelope-from
<char...@xxxxxxxxxxidlan.net>)
id 1bAG9r-0002wq-Oo; Tue, 07 Jun 2016 13:31:03 +0100
From: Charlie Cridlan <char...@xxxxxxxxxxidlan.net>
Mime-Version: 1.0 (Apple Message framework v1085)
Content-Type: multipart/alternative; boundary=Apple-Mail-32--483328467
Subject: [SPAM] Fwd: [SPAM] from charlie re white matt vinyl
Date: Tue, 7 Jun 2016 13:30:59 +0100
But it was from seeing this that I was still left wondering why it didnt
go further down the received headers to the next hop and do a Spamhaus
test on [2.25.50.35] just as it was tested and found to be on Spamhaus
by my MTA.
Maybe its my inexperience/novice status. Is it because it is seen as
being the first/sending client? (Suppose so). And therefore the only
'relay' in the chain is the 2nd one?
TIA
On 08/06/2016 14:59, Kevin Golding-2 [via SpamAssassin] wrote:
> On Wed, 08 Jun 2016 13:49:17 +0100, jimimaseye
> <[hidden email] </user/SendEmail.jtp?type=node&node=121182&i=0>> wrote:
>
> > Regarding the range: the range belongs to our mail host provider who
> > receive the emails then pass them amongst their own servers (doing
> their
> > own teats no doubt). Plus they dont have just the one address - an
> > incoming emial can land at any of several servers (load balancing). I
> > dont know the EXACT range of addresses they use but I know they are all
> > within 195.26.90.x range (hence the cross-the-board approach to cover
> > all eventualities).
>
>
> Try them as trusted_networks instead. From what you describe they're not
> what I would classify as internal, a third party manages them. You trust
> that third party so trusted_networks is fine, but internal_networks is
> more for... well, internal networks.
>
> But given you've proved that SA is still viewing that rely as both
> external and untrusted it comes down to tuning your trust path:
> https://wiki.apache.org/spamassassin/TrustPath - don't forget to restart
> spamd/however you call SA. You've basically narrowed it down to either
> using old config, using a different config, or a typo in your config. But
> it's definitely trust path related.
--
View this message in context:
http://spamassassin.1065346.n5.nabble.com/Advice-why-one-relay-evaluated-and-not-the-other-tp121145p121185.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
