Matt, thanx a lot for your thorough answer... this is just what I've been asking. See below.
El 17 Jun 2004 a las 10:04, Matt Kettler escribi�: > At 10:44 AM 6/17/04 -0300, Mariano Absatz wrote: > >Is there any documentation about this setting, besides what's in > >http://www.spamassassin.org/doc/Mail_SpamAssassin_Conf.html > > > >I'd like to understand what it does rather than see a couple of trivial > >examples... > > > >My particular problem is described in > >http://marc.theaimsgroup.com/?l=spamassassin-users&m=108705223721279&w=2 > > > >In short, is there a way (using trusted_networks or anything else) to avoid > >EVERY RBL checking from a message coming from a specific IP? > > > No.. do not try to use trusted_networks as a form of "RBL whitelist".. > that's not what it does, and there's currently no feature in SA 2.6x that > does this. (And I'm not aware of one in 3.x, but I've not really checked > either) OK... I can't do that, fine... > > The use of the word "trusted" here is probably the largest cause of > confusion, because many network admins think of "trusted" hosts as being > "not sources of spam". But that's not what it means. > > "trusted" in this case means "A mail server which is a part of my network, > and trusted to produce non-forged Received: headers". This I had already understood (just by browsing the list archive and seeing answers explaining what trusted_networks is NOT, but yours is the first answer I find that (here below) explains what trusted_networks actually _does_ > > trusted_networks is used in only a few places. It's generally used in > determining where your "network border" is when tracking through received: > headers. > > 1) whitelist_from_rcvd... rcvd is checked against the untrusted host > dropping mail off the first time an "untrusted" host drops mail off at a > "trusted" host. This is what I saw in the docs... > > 2) notfirsthop rbl rules are checked against IPs dropping mail off at > trusted hosts. This is generally used for dialup RBLs. > > 3) firsttrusted rbl rules. Used for "whitelist" RBLs which need to be > checked against trusted headers to prevent forgery. (such as > RCVD_IN_BSP_TRUSTED). In actuality this currently works much like > "notfirsthop", but they could diverge in behavior later. > > 4) untrusted rbl rules. Currently only used by "RCVD_IN_BSP_OTHER" It's > intended to pick up any use of bondedsender in an untrusted relay, mostly > for informational purposes. > Now I get it, thanx again, Matt. -- Mariano Absatz El Baby ---------------------------------------------------------- Usenet is like Tetris for people who still remember how to read. -- Joshua Heller
