On Wed, 2004-11-03 at 21:40, Dave Goodrich wrote: > Good afternoon, > > I just finished testing an upgrade of SA to 3.01 and my scores fell > through the floor. Read the docs, tried to use the Wiki, followed > everyone else's upgrade on the list. Not sure just what went wrong.
> X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on avhost.tls.net > X-Spam-Status: No, score=0.6 required=5.0 tests=ALL_TRUSTED,DRUGS_ERECTILE, > FROM_NO_LOWER,INVALID_DATE,MISSING_SUBJECT,RM_hm_EmtyMsgid > autolearn=disabled version=3.0.1 You need to specify trusted_networks in local.cf, otherwise you're going to continue to hit the ALL_TRUSTED rule which can *decrease* your score by up to -3.3. If you don't specify trusted_networks then SpamAssassin infers what your trusted networks are - and the inference algorithm may not always get the correct result. For instance if your mail relay/server is on a private network and NATed thru a firewall, then the algorithm may infer incorrectly that the connecting mail server is trusted. i.e. the algorithm assumes that since you're a private address, then the next hop server must belong to you since your MX must be public. However it does not take NAT into account. Setting trusted_networks appropriately will solve this issue (I don't think SA 2.64 has the ALL_TRUSTED rule - or at least it scores low). Since you hit ALL_TRUSTED certain other DNS based tests are not run. Also is dns unavailable (dns_available no)? This may explain why you're not getting SURBL hits (which you should if dns is fully operational). Also skip_rbl_checks will do just that. Regards, - Sean