mouss wrote: > Matt Kettler a écrit : > >> >> That's kinda weird. Let's get a trusted_networks setup done properly and if >> that >> doesn't fix it, we'll revisit this. > > > as Joan, said, it is because my mail is sent to the ML, then is received by > my server. I don't think my SA should "trust" my headers.
I don't think it should. It should however trust your INBOUND header stating that the mail was delivered from the apache.org listserv. I'm not trying to make it trust your outbound headers, I'm actually trying to make sure it DOES NOT trust them. In fact, I'm trying to make sure it trusts only your inbound, internally generated headers, and absolutely nothing else. > Now, look at the headers below. This says one hop is in SORBS. I know > one hop (my IP) is in SORBS_DUL. which one is in SORBS (not DUL I mean)? > X-Spam-Status: No, score=-101.599 required=5 tests=[BAYES_00=-2.599, > RCVD_IN_SORBS=1, USER_IN_WHITELIST=-100] Wait a sec.. What version of SpamAssassin are you using? Thre IS NO RULE named "RCVD_IN_SORBS" in SpamAssassin 2.64 or newer. Period. It doesn't exist. It is also very concerning that the RCVD_IN_SORBS hit is scoring 1.0. The rule that did exist by that name was in SA 2.60-2.63, and was force-scored at 0.100 because it will false positive for all dialup mail. It's a known artifact of how SORBS was implemented in this version of SA. SA 2.64 and newer removed this rule and replaced it with the zero-point, never placed in the headers rule named __RCVD_IN_SORBS. I'm very concerned that your default ruleset is corrupted.
