jdow wrote:
From: "Daryl C. W. O'Shea" <[EMAIL PROTECTED]>
Bart Schaefer wrote:
On 6/29/06, Daryl C. W. O'Shea <[EMAIL PROTECTED]> wrote:
EVERYTHING after an MX MUST be listed as BOTH trusted and internal
networks.
Under what circumstances would one list something as internal but not
trusted?
NEVER. Newer versions of SA won't even allow you to make that
misconfiguration.
Gawd I hope not.
Well I hope so. It's the only way that (a) makes sense and (b) works right.
Note that we're talking about internal networks always being trusted,
not that trusted networks are always internal.
The Earthlink mail servers are ABSODAMNLUTELY not part
of my internal network. But if I do not list them with trusted networks
I visit the land of ALL_TRUSTED.
I'm assuming you're still using 3.0.x which has a number of flaws when
trusted != internal networks.
Whenever you move to 3.1 or 3.2 you'll see that the appropriate
Earthlink hosts should indeed by listed as part of your internal network
and not just your trusted network.
ALL hosts after (and including) the MX that accepts mail on your behalf
are a part of your internal network.
Of course we've been over this before...
Forcing them to be the same is a fatal bug.
Well, we're not forcing you to configure it that way, but you really
should. :)
Daryl
