https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6567
Henrik Krohns <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #2 from Henrik Krohns <[email protected]> 2011-11-03 20:45:49 UTC --- (In reply to comment #1) > UNCLEAR - 2) Switch everything to -firsttrusted. I believe -lastexternal > ignores > trusted_networks, which I don't think is appropriate? > > KAM: So switching -lastexternal to -firsttrusted would really need some FPs > that show this as an issue. > > Looking at lib/Mail/SpamAssassin/Plugin/DNSEval.pm, the nuance differences > between these flags elude me. > > Warren's sandbox for example flip-flops between them. I have to assume he had > his reasons. > > > TOO BROAD A QUESTION - 3) And for the ones that don't have -lastexternal or > -firsttrusted, I think it's checking *all* untrusted hops? Is that really > best? Always vague and beaten to death on lists and bugs. There are two lists, internal_networks and trusted_networks. Lastexternal and firsttrusted are their identical counterparts (first relay that isn't in those networks). It's crucial that RBLs etc are applied on the internal/external border, that is the MX border. That's where you also use RBLs for SMTP time rejecting. It's common that trusted_networks extends further for whitelisting purposes etc. If someone really wants to continue debating this, it should be in it's own bug or users list (you probably can find million discussions from both before). Someone should reaally document these in depth so even devs don't forget it.. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
