spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Troxel <...@ir.bbn.com>
Subject Re: Checking for SPF & DKIM Checks
Date Tue, 11 Nov 2008 17:14:40 GMT

Micah Anderson <micah@riseup.net> writes:

> mouss <mouss@netoyen.net> writes:
>
>> That's what I meant. Maybe I use the term "relay" too "liberally"?
>> anyway, such spam is harder to stop unless you add the list relays to
>> your trusted_networks.
>
> This is something in SA that I have the hardest time understanding, the
> trusted_networks and internal_networks settings. I've read all the posts
> that try to clarify it and I still can't keep it straight :) 
>
> How would adding a list relay to my trusted_networks actually make
> stopping spam easier? Doesn't that make it a network that I should spend
> less time doing SA processing, because I 'trust' it?

internal_networks should be your own computers.

It's not about less time, it's about being able to believe the previous
hop IP and look it up in RBLs.

trusted_networks is the set of all IP addresses that deliver mail to you
that have the 'reliable headers' property.  In the current case, the
debian server is sending some spam, but almost surely the Received:
lines on that spam are correct.  So if the server's address is in
trusted_networks, your SA will look up the address debian got the mail
From in RBLs.  I added the netbsd mail server and several others to
trusted_networks and got a big improvement in spam filtering.

Mime
View raw message