Micah Anderson <[EMAIL PROTECTED]> writes: > mouss <[EMAIL PROTECTED]> writes: > >> That's what I meant. Maybe I use the term "relay" too "liberally"? >> anyway, such spam is harder to stop unless you add the list relays to >> your trusted_networks. > > This is something in SA that I have the hardest time understanding, the > trusted_networks and internal_networks settings. I've read all the posts > that try to clarify it and I still can't keep it straight :) > > How would adding a list relay to my trusted_networks actually make > stopping spam easier? Doesn't that make it a network that I should spend > less time doing SA processing, because I 'trust' it?
internal_networks should be your own computers. It's not about less time, it's about being able to believe the previous hop IP and look it up in RBLs. trusted_networks is the set of all IP addresses that deliver mail to you that have the 'reliable headers' property. In the current case, the debian server is sending some spam, but almost surely the Received: lines on that spam are correct. So if the server's address is in trusted_networks, your SA will look up the address debian got the mail From in RBLs. I added the netbsd mail server and several others to trusted_networks and got a big improvement in spam filtering.
pgpDapQUm5cpu.pgp
Description: PGP signature
