Russ Ringer wrote: > I think I did this a long time ago when I got scores lowered from > ALL_TRUSTED. Nothing is trusted, it only gets mail from outside.
Bad admin, no biscuit.. "Nothing is trusted" is impossible in SA. You *MUST* trust at least one host (your own server). In fact, it's impossible to not trust any servers. If you don't declare your trusted_networks, SA will try to guess what it should be. After all, if you can't even trust yourself, you can't tell what is and is not real. Most people refer to such a state as insanity. Trust here has to do with trusting the Received: headers to be free of forgery. A trusted host is not assumed to be "spam free", just operating in a normal legitimate manner and accurately reporting the source IP for the mail in the Received: header. In general you should "trust no one (else)" but you need to at least trust your own server to not commit acts of header forgery. SA works a whole lot better when it knows which headers are trustworthy.