Matt Kettler wrote:
NFN Smith wrote:
Bowie Bailey wrote:
Thus, if I'm running SpamAssassin on server xx.yy.zz.ww, and I get a
message from server aa.bb.cc.dd, I want both servers to trust each
other, because I control both servers, and there's no intermediate
relay between the two.
Then you just need to add one line to the config on each server.
On server "xx.yy.zz.ww":
trusted_networks aa.bb.cc.dd
On server "aa.bb.cc.dd"
trusted_networks xx.yy.zz.ww
Actually, you should include the IP of the actual server in the list
too, so...
On server "xx.yy.zz.ww":
trusted_networks xx.yy.zz.ww
trusted_networks aa.bb.cc.dd
On server "aa.bb.cc.dd"
trusted_networks aa.bb.cc.dd
trusted_networks xx.yy.zz.ww
This is exactly what I'm doing. Yet when I send a spammy test message
from a server whose IP address is one that's specified by
trusted_networks, the message is getting a full SA score.
That's exactly what should happen.
trusted_networks is NOT a whitelist.
Trust here means trusted to not forge headers, it does not mean that trusted to
be spam free, and is not a "get out of spam scanning free" ticket.
Like Matt said, it's not in itself a whitelist (ALL_TRUSTED only gives
you -4.1 or something like that), but it is absolutely necessary to have
correct. It's also the basis for whitelisting using
"whitelist_from_rcvd" or "whitelist_from_spf". Not to mention that it
also affects most of the DNS blacklist checks.
Daryl
