On Apr 23, 2008, at 3:27 PM, Matt Kettler wrote:
How and why? Are you saying I *must* have a 2nd-level MX host for
SA to work? That's not my experience, and 2-layer relays are
backscatter sources. Milter from the local MTA works just fine.
No, you don't need a second-level MX. However, to work properly, SA
must trust everything up to an including your MX, and all your
trusted mailservers need to generate Received: headers that SA can
then make sense of.
I'm not repeating for the 5th time that there are no trusted
mailservers. Only this host.
This isn't about SA trusting the originating source of the
message. it's about SA trusting that at least one trusted
mailserver actually received the message. ie: the message has to
have actually arrived at your server, and not been transplanted
from nowhere by magic.
If there's no trusted headers, then all messages are equally magic
to SA, and it will never distinguish mail you sent as compared to
mail an outsider forged as you.
Yes, it knows the localhost received header is valid. Basics of SA
setup 101. Now can we return to the topic?
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness