> JMHO, but shouldn't all networks be considered untrusted unless a user > specifies otherwise?
I got to agree with you there - especially given that the inference algorithm doesn't work in every environment.
Unfortunately this only solves one aspect of the problem.
SA NEEDS to have the correct trust path.
Trusting nobody is just as bad as trusting everyone. Trusting nobody breaks whitelist_from_rcvd, for example.
