On Wed, 08 Jun 2016 13:59:26 +0100 Kevin Golding wrote: > On Wed, 08 Jun 2016 13:49:17 +0100, jimimaseye > <groachmail-stopspammin...@yahoo.com> wrote: > > > Regarding the range: the range belongs to our mail host provider > > who receive the emails then pass them amongst their own servers > > (doing their own teats no doubt). Plus they dont have just the one > > address - an incoming emial can land at any of several servers > > (load balancing). I dont know the EXACT range of addresses they > > use but I know they are all within 195.26.90.x range (hence the > > cross-the-board approach to cover all eventualities). > > > Try them as trusted_networks instead. From what you describe they're > not what I would classify as internal, a third party manages them. > You trust that third party so trusted_networks is fine, but > internal_networks is more for... well, internal networks.
Putting servers like this into internal_networks is almost always the right thing to do. Putting them into trusted_networks reduces effectiveness and should be done as a last resort. It's needed only if receiving a significant amount of mail that's submitted by mail clients into that network, and that mail has no authentication recorded in the Received headers.
