> -----Original Message----- > From: Matt Kettler [mailto:[EMAIL PROTECTED] > Sent: Thursday, January 12, 2006 1:29 PM > To: jdow > Cc: users@spamassassin.apache.org > Subject: Re: spam scores low (Sendmail + smtp-vilter + SA ) > > > jdow wrote: > > From: "Mike Sassaman" <[EMAIL PROTECTED]> > > > >> The default local.cf was very minimal, during > troubleshooting I added > >> some > >> things trying to get improvements. This is my current > >> /etc/mail/spamassassin/local.cf: > >> required_score 5 > >> rewrite_header Subject *****SPAM***** > >> use_razor2 1 > >> razor_config /etc/mail/spamassassin/.razor/razor-agent.conf > >> razor_timeout 600 > >> # report_safe 1 > >> # trusted_networks 212.17.35. > >> # lock_method flock > >> use_bayes 1 use_bayes_rules 1 bayes_path > >> /home/_vilter/.spamassassin/bayes bayes_auto_learn 1 > >> bayes_auto_learn_threshold_spam 6 > >> skip_rbl_checks 0 > >> rbl_timeout 600 > >> use_auto_whitelist 0 > >> score ALL_TRUSTED 0 0 0 0 > > > > > > That bottom line is a severe problem, Mike. It will disable a lot of > > very helpful tools and rules within SA. Your bayes_*_autolearn > > thresholds need to be widened out. RBL checks are > effectively disabled > > by your ALL_TRUSTED score. > > That's not really true J.. zeroing out ALL_TRUSTED doesn't > really affect the > RBLs at all. > > However, zeroing out ALL_TRUSTED is covering up the fact that his > trusted/internal networks are all screwed up with over-trust. > > Having a screwed up internal networks will make the RBLs fail > to match when they > should. SA doesn't check "internal" hosts against the RBLs. > > The mail which hits ALL_TRUSTED will have a matching > internal_networks setting > by default, which means no hosts will be checked against the > RBLs for these > messages. > > So, by zeroing out ALL_TRUSTED, he's not really disabling his > RBLs, but Mike is > covering up the symptoms that are pointing out his RBLs are > being disabled.
Ok, I've removed the ALL_TRUSTED 0 line. So if you're saying my trusted_networks are broken, then, reading from the man page.... if I add the lines: clear_trusted_networks clear_internal_networks trusted_networks x.x.x.x (where x.x.x.x is my own ip address) ...will that conceivably help me?