Clay Irving wrote:
I set ALL_TRUSTED to 0.0
That helps explain it. The SPF implementation depends on a properly set up trust path. If you were seeing misfires on ALL_TRUSTED, that probably means your trust path was incorrect.
The proper solution is to set your trusted_networks and internal_networks correctly (see the docs), then re-enable ALL_TRUSTED.
If you're still having problems with ALL_TRUSTED misfiring, run spamassassin -D on a problem message and see if there's a problem parsing the Received: headers. That will also cause problems with the trust path and anything that depends on it (SPF included)
A lot of SA features -- not just ALL_TRUSTED -- depend on a correct trust path. Disabling ALL_TRUSTED won't fix those.
-- Kelson Vibber SpeedGate Communications <www.speed.net>
