At 11:04 PM 5/7/04 +0100, Keith Edmunds wrote:
So why is the mail being marked RCVD_IN_DYNABLOCK? Have I misunderstood how this is supposed to work?
No, it shouldn't have matched..
Question for you... what does tclgs001.rg2.tiger-computing.com resolve to on your mailserver? Is it one of the reserved IP's (192.168.*.*, 172.16.*.*, 10.*.*.*, etc)?
SA 2.6x has a trust path bug where it will wind up over trusting if one of these IPs is in the path. It winds up trusting the ISP relay server and decides it's part of your network, and thus thinks the dialup user dropped off directly to your MX.
You can fix it by forcing SA to only trust one host.
trusted_networks 192.168.1.1/32
Also if you re-run the message through spamasassin -D you'll see the bug happen. In the debug statements you'll see it claim 209.228.29.64 is trusted, which it shouldn't be.. After applying the trusted_networks fix that should go away.
