> > ALL_TRUSTED doesn't mean the host that handed you the mail is trusted. > It means *all* servers in the Received: chain are trusted. > > So if servers A and B are trusted, but C is not... > > A->B->You > would trigger all_trusted > C->B->You > would NOT trigger all_trusted > > ...even though both messages reach you from server B, which is trusted. > > A->C->You > would not trigger all_trusted either, because C is not trusted, > even though the original sender A is. (If you don't trust C to add > reliable headers, you can't be certain that it really came from A.)
Kevin, Interesting point, and something I have been struggling with. Since a inordinate % of spam seems to go through my secondary MX, I have been treating it as being outside of my trusted_network as it looks like it was tagging spam as ALL_TRUSTED when it should not have been. Are you saying that ALL_TRUSTED only kicks in if all hops in the path are trusted? My secondary MX has only rudimentary anti-spam filtering, and I thought SA was assuming it was safe if passed by that server. Dave --- Kind Regards, David http://www.flanigan.net
