At 10:17 AM 11/4/2004, Sean Doherty wrote:
> JMHO, but shouldn't all networks be considered untrusted unless a user > specifies otherwise?
I got to agree with you there - especially given that the inference algorithm doesn't work in every environment.
Unfortunately this only solves one aspect of the problem.
SA NEEDS to have the correct trust path.
Trusting nobody is just as bad as trusting everyone. Trusting nobody breaks whitelist_from_rcvd, for example.
While i agree that trusting no one doesnt really solve the problem, I dont believe it is "just as bad" as trusting everyone. Trusting everyone stops other rules from firing and adds atleast -2.something to every message. This seems far worse than trusting no one and breaking whitelist_from_rcvd.
-Jim
