This might be one of those small "duh" things, but there's something I'm missing here.
I'm running SpamAssassin 2.6, being launched from MIMEDefang as a sendmail milter. I have several servers and domains in a number of different IP blocks (i.e., hosted at different co-lo providers). I want to make sure messages between our users aren't tagged by SA, and for the moment, I have whitelist_from directives, listing each of our domains. The difficulty with this, of course, is incoming mail with forged return addresses that show our domains. Since our users all send from known IP addresses, I prefer to trust by known server IP address, rather than named domain. I've found the trusted_networks setting, but when I apply a block of IP addresses (and restart MIMEDefang), and then send a spammy test message from a server in the specified block, the message still is being evaluated by SA as spam. Thus, it appears that SA is ignoring my designation of trusted_networks. Is there something else that I have to make sure is enabled (such as skip_rbl_checks), is it something that's not functional when I'm running from MIMEDefang, or something else that I'm missing? TIA, Smith