From: Jason Gauthier [mailto:[EMAIL PROTECTED] > > I attached a message to this email that got an incredibly low spam > score. When I run the message through spamassassin -t it gets a > spam score as I would expect. > > I know I don't have much more details, but can anyone give me ideas > why? > > > Content analysis details: (2.7 points, 5.0 required) > > pts rule name description > ---- ---------------------- ----------------------------------------- > -2.8 ALL_TRUSTED Did not pass through any untrusted hosts
This looks like your problem. You have not given SA enough information about your network for it to determine which mailservers are yours and which are on the Internet. You need to add trusted_networks entries to your local.cf to fix this problem. >From the Mail::SpamAssassin::Conf man page: trusted_networks ip.add.re.ss[/mask] ... (default: none) What networks or hosts are 'trusted' in your setup. Trusted in this case means that relay hosts on these networks are considered to not be potentially operated by spammers, open relays, or open proxies. A trusted host could conceivably relay spam, but will not originate it, and will not forge header data. DNS blacklist checks will never query for hosts on these networks. MXes for your domain(s) and internal relays should also be speci- fied using the "internal_networks" setting. When there are 'trusted' hosts that are not MXes or internal relays for your domain(s) they should only be specified in "trusted_networks". If a "/mask" is specified, it's considered a CIDR-style 'netmask', specified in bits. If it is not specified, but less than 4 octets are specified with a trailing dot, that's considered a mask to allow all addresses in the remaining octets. If a mask is not specified, and there is not trailing dot, then just the single IP address specified is used, as if the mask was "/32". Examples: trusted_networks 192.168/16 127/8 # all in 192.168.*.* and 127.*.*.* trusted_networks 212.17.35.15 # just that host trusted_networks 127. # all in 127.*.*.* This operates additively, so a "trusted_networks" line after another one will result in all those networks becoming trusted. To clear out the existing entries, use "clear_trusted_networks". So just add a trusted_networks entry for your network, or one for each of your mailservers and the ALL_TRUSTED rule should start firing properly again. Bowie