On Wed, 2004-11-03 at 21:40, Dave Goodrich wrote:
> Good afternoon,
>
> I just finished testing an upgrade of SA to 3.01 and my scores fell
> through the floor. Read the docs, tried to use the Wiki, followed
> everyone else's upgrade on the list. Not sure just what went wrong.
> X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on avhost.tls.net
> X-Spam-Status: No, score=0.6 required=5.0 tests=ALL_TRUSTED,DRUGS_ERECTILE,
> FROM_NO_LOWER,INVALID_DATE,MISSING_SUBJECT,RM_hm_EmtyMsgid
> autolearn=disabled version=3.0.1
You need to specify trusted_networks in local.cf, otherwise
you're going to continue to hit the ALL_TRUSTED rule which can
*decrease* your score by up to -3.3. If you don't specify
trusted_networks then SpamAssassin infers what your trusted
networks are - and the inference algorithm may not always get
the correct result. For instance if your mail relay/server is
on a private network and NATed thru a firewall, then the
algorithm may infer incorrectly that the connecting mail server
is trusted. i.e. the algorithm assumes that since you're a
private address, then the next hop server must belong to you
since your MX must be public. However it does not take NAT
into account. Setting trusted_networks appropriately will solve
this issue (I don't think SA 2.64 has the ALL_TRUSTED rule - or
at least it scores low).
Since you hit ALL_TRUSTED certain other DNS based tests are not
run.
Also is dns unavailable (dns_available no)? This may explain
why you're not getting SURBL hits (which you should if dns
is fully operational). Also skip_rbl_checks will do just that.
Regards,
- Sean
