On Thu, 2004-11-04 at 15:04, Dave Goodrich wrote: > > Check out trusted_network section of Mail::SpamAssassin::Conf > > i.e no RBL tests on trusted networks. > "If you're running with DNS checks enabled, SpamAssassin includes code > to infer your trusted networks on the fly, so this may not be necessary. > (Thanks to Scott Banister and Andrew Flury for the inspiration for this > algorithm.) This inference works as follows:" > > This seems backwards to me. If a user does nothing, then his network > will be considered trusted by default? We are an ISP, and SA is running > on our toasters. I don't want any machine trusted as that leaves a door > open for my smtp relay users (viruses, trojans, just bad folks) to spam > local users. > > JMHO, but shouldn't all networks be considered untrusted unless a user > specifies otherwise?
I got to agree with you there - especially given that the inference algorithm doesn't work in every environment. - Sean