On Thu, 2004-11-04 at 15:04, Dave Goodrich wrote:
> > Check out trusted_network section of Mail::SpamAssassin::Conf
> > i.e no RBL tests on trusted networks.
> "If you're running with DNS checks enabled, SpamAssassin includes code
> to infer your trusted networks on the fly, so this may not be necessary.
> (Thanks to Scott Banister and Andrew Flury for the inspiration for this
> algorithm.) This inference works as follows:"
>
> This seems backwards to me. If a user does nothing, then his network
> will be considered trusted by default? We are an ISP, and SA is running
> on our toasters. I don't want any machine trusted as that leaves a door
> open for my smtp relay users (viruses, trojans, just bad folks) to spam
> local users.
>
> JMHO, but shouldn't all networks be considered untrusted unless a user
> specifies otherwise?
I got to agree with you there - especially given that the inference
algorithm doesn't work in every environment.
- Sean
