>> As i understand it, in trusted networks you want
>> to have any ip or ip range that you trust to be
>> reporting correctly the details of the server from
>> which it received the email.
>
> Yes, however there's another stipulation.. By default,
> if undeclared, internal_networks will copy the values
> of trusted_networks.
>
> You do NOT under ANY condition want another ISP's
> mailservers to be internal. Thus, if you expand
> trusted_networks to include outside ISPs, you must
> declare internal_networks.
Ok, well that is resolvable. What is actually meant
to be included as "internal" and what is the difference
between that and trusted networks? If something is
trusted then it can be treated as internal, or can't it?
But for the sake of arguements, let's say i do specify
my internal networks independently.
> After all, consider that if an email has only been
> touched by trusted hosts, ALL_TRUSTED will fire and
> subtract 1.8 points off the score.
>
> I may trust yahoo to report IPs correctly. However,
> I don't trust their users at all. I'd not apply
> trusted_networks to yahoo's severs for this reason.
However if i trust the main Yahoo mail servers it doesn't
mean i have to trust it's users. For example, let's
say i trust 81.103.221.35 as a Yahoo server to tell me
the truth. A Yahoo user ([EMAIL PROTECTED]) sends an
email to me ([EMAIL PROTECTED]).
Return-Path: <[EMAIL PROTECTED]>
Received: from aamtain08-winn.ispmail.ntl.com ([81.103.221.35])
by mtain06-winn.ispmail.ntl.com with ESMTP
id <[EMAIL PROTECTED]>
for <[EMAIL PROTECTED]>; Wed, 28 Jun 2006 23:45:20 +0100
Received: from web53801.mail.yahoo.com ([206.190.36.196])
by aamtain08-winn.ispmail.ntl.com with SMTP
id <[EMAIL PROTECTED]>
for <[EMAIL PROTECTED]>; Wed, 28 Jun 2006 23:45:19 +0100
Received: (qmail 15634 invoked by uid 60001); 28 Jun 2006 22:45:11 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;
h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding;
b=Ue4aoOyVvwobMH+Vv9+e0x66UAJb/9Z9GIrwOdz3FR/hP2y1q2YM9SfmV4BILlLbqAsYVfI5HoKlMzkKgs547daKfjzSu9cIkU6kdFKyKLPAHjluZOBdTg/WD3esWZ9zPhJvfFEx39aUOH/0SE9weARVWBGt3/347XkphA727y4=
;
Message-ID: <[EMAIL PROTECTED]>
Received: from [70.22.206.250] by web53801.mail.yahoo.com via HTTP; Wed, 28 Jun
2006 15:45:11 PDT
We trust the main yahoo server, but the webmail server we
do not trust, so it will never trigger ALL_TRUSTED.
Can you see any negative effects of having 81.103.221.35
in my trusted networks? Could that server send out spam
directly? As i see it, there will always be another server
feeding it the email, so you will never get all trusted
firing.
As i see it, i can trust that server.
Ben
