On Tue, 7 Dec 2004, Thomas Cameron wrote: > I do not understand why this is tagged ALL_TRUSTED! > > Here is my local.cf: > ########################################### [snip..] > > clear_trusted_networks > trusted_networks 24.173.79.19/32 > ########################################### > > As you can see, the only trusted network I have is my mail server! Why is > ALL_TRUSTED hitting? I am about to set ALL_TRUSTED to a score of 0! > > Thomas
Silly question; precisely how do you have SA integrated into your mail system? I noticed that you are using sendmail & clamav-milter, are you also using a milter to connect spamd into your mail system? If so, precisely which milter? This is important, as not all sendmail spam-milters are created equal. ;) Here is the issue specific to your situation. The milter gets the message from sendmail "raw", IE before sendmail does any of it's usual processing of the message SUCH AS ADDING "Received" headers. So the milter does NOT see that particular header: Received: from CM02.outbound.mail (mailer4.monteraymedia.com [66.63.189.28] (may be forged)) by mail.camerontech.com (8.13.1/8.13.1) with ESMTP id iB75ihQg015990 for <[EMAIL PROTECTED]>; Mon, 6 Dec 2004 23:44:44 -0600 which is critical to SA's ability to determine local vs non-trusted hosts. Well crafted milters will understand that and internally synthesize a 'Received:' header to mimic the one that your sendmail will add. Without that (or if it isn't done well) then SA will never be able to properly do the trust determination. Dave -- Dave Funk University of Iowa <dbfunk (at) engineering.uiowa.edu> College of Engineering 319/335-5751 FAX: 319/384-0549 1256 Seamans Center Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527 #include <std_disclaimer.h> Better is not better, 'standard' is better. B{