Eric W. Bates wrote: > > > Matt Kettler wrote: >>> Eric W. Bates wrote: >>> >>>> Matt Kettler wrote: >>>> >>>>> Eric W. Bates wrote: >>>>> >>>>> >>>>>> I recently upgraded from 2.63 to 3.1 and having done so, my entries for >>>>>> trusted_networks no longer seem to functional. >>>>>> >>>>>> I have way to many trusted network lines, but in particular I know that: >>>>>> >>>>>> trusted_networks 68.64/13 >>>>>> >>>>>> is no longer working because: >>>>>> >>>>>> Content analysis details: (5.9 points, 5.0 required) >>>>>> >>>>>> pts rule name description >>>>>> ---- ---------------------- >>>>>> -------------------------------------------------- >>>>>> -0.0 SPF_PASS SPF: sender matches SPF record >>>>>> 2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP >>>>>> address >>>>>> [68.64.105.61 listed in dnsbl.sorbs.net] >>>>>> 2.2 RCVD_IN_WHOIS_INVALID RBL: CompleteWhois: sender on invalid IP block >>>>>> [68.64.105.61 listed in >>>>>> combined-HIB.dnsiplists.completewhois.com] >>>>>> 1.7 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP >>>>>> [68.64.105.61 listed in combined.njabl.org] >>>>>> >>>>>> >>>>>> As you know, 68.64.105.61 falls within 68.64.0.0/13; so none of these >>>>>> rules should have hit, correct? >>>>> Maybe.. Were there any untrusted hosts in-between 68.64.105.61 and your >>>>> network >>>>> in the Received: headers? >>>> No. But even if there were, wouldn't the rule fire on the offensive IP >>>> rather than the one listed as 'trusted'? >>> >>> No, it could fire on *ANY* external IP that isn't the first hop. > > I don't think I was clear. I don't question that any IP in the chain > might cause the difficuly. I was questioning why, if 127.0.0.1 is the > problem, why it was reported as 68.64.105.61 in the rule.
Because 127.0.0.1 doesn't match the rule. However, the lack of trust in 127.0.0.1 is causing 68.64.105.61 to be treated as external. RCVD_IN_SORBS_DUL can only match external hosts that are not the first hop. > > Also, adding 127.0.0.1 to trusted_network will, in fact, cause ALL > inbound mail to be trusted, would it not? > > -- > Eric W. Bates > [EMAIL PROTECTED]
