[Mimedefang] What determines ALL_TRUSTED?
alien at 12inch.com
Sat Jun 10 23:19:19 EDT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Jim Hatfield wrote:
> I've seen a few uncaught spams lately with ALL_TRUSTED scored.
> I see that this is determined by a function called check_all_trusted(),
> but my Perl isn't good enough to work out how this flag is determined.
> Mails are delivered direct via SMTP, not relayed from anywhere, so I
> don't see that there should be any trusted relays in the chain.
This is a question more appropriate for the spamassassin list, as it
is definitely in reference to the internals of SpamAssassin. Howerver;
here's a basic breakdown of that ALL_TRUSTED means.
the ALL_TRUSTED rule is evaluated based on the trust path. the trust
path is determined automatically if it's not explicitly setup using the
trusted_networks and internal_networks configuration directives.
if your mail server is behind NAT, the trust path auto-determination
routines will likely get confused, so you should define them manually.
the trust path refers to MTAs that you explicitly trust NOT TO FORGE
RECIEVED HEADERS. that's it. it's not a whitelist, it's not hosts you
trust not to send spam. in most cases this should be your local mail
host, its outward facing network address and any other MX hosts you have
explicit control over.
the trust path can affect other network related tests, so it's important
to set it properly. You should check the SpamAssassin wiki for more
details on the ALL_TRUSTED rule and setting the trust paths.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the MIMEDefang