[Mimedefang] [possibly off-topic] ALL TRUSTED SA Problem
Kelson
kelson at speed.net
Wed May 18 12:36:27 EDT 2005
Joseph Brennan wrote:
> It's a Spamassassin thing. We changed its score to 0 after seeing
> repeated examples of spam coming in with this marker.
Not a good idea. If ALL_TRUSTED is firing when it shouldn't, there are
two possibilities:
1. The trust path is not set correctly.
2. There is a bug in SpamAssassin.
In the vast majority of cases, it's #1, which means that a lot more than
ALL_TRUSTED is going to be broken until that trust path is set. SA will
use the wrong Received: headers for RBL lookups, whitelist_from_rcvd
rules won't necessarily work right, etc.
This most frequently happens when the local system is behind NAT and
running on a reserved IP range like 192.168.x.x, because under those
circumstances SA cannot automatically determine which servers can be
trusted. I see from the original poster's message that this is the
case. Setting trusted_networks as described in the next link should
solve the problem.
http://wiki.apache.org/spamassassin/TrustPath
There are bugs in SA that cause ALL_TRUSTED to fire incorrectly for some
people, but your best bet is to set trusted_networks first, and only
disable ALL_TRUSTED if that isn't enough.
--
Kelson Vibber
SpeedGate Communications <www.speed.net>
More information about the MIMEDefang
mailing list