Justin,
- if any addresses of the 'by' host is in a reserved network range, then it's trusted
However, I would have thought that this would imply that the 10.0.0.53
host is trusted and not any servers connecting to it.
The problem is that 10.x is a private net, therefore SpamAssassin infers it cannot possibly be the external MX sitting out there on the internet. (for a host to be sitting on the public internet accepting SMTP connections, it'd obviously need a public IP addr.)
so the *next* step must be the external MX.
My 10.x server is inside a firewall which NATs port 25 so this
conclusion is not correct. I imagine that my setup isn't all that different from a lot of other peoples.
This is exactly how i have my system setup. I have a 192.168 IP assigned to my server. It has no public IP assigned to it. However, i have a router/firewall in front of it which has a public ip assigned to its wan interface which then does NAT/port forwarding to my qmail server. It works extremely well for our purposes. It sounds to me that if i upgraded to 3.0 (still running 2.64) i would then have the same issue with the trusted networks. It doesnt really sound correct. Just because my machine doesnt have a public ip does NOT mean that mail passes through a trusted source first..unless you are calling my little SMC barricade a trusted source.
-Jim
