> if mail contains Received headers indicating that mail was forwarded by a
> trusted hop (a hop is not necessarily a box. it may be a proxy, an MTA
> instance, ... etc), then addresses may have been rewritten and are thus
> "untrusted".
On my box there's only my mail server & SA. No proxies etc. IIUC from reading, there are no hops -- trusted or otherwise -- on my server. Or are you suggesting that there's something at issue on the sender's end of the transaction, given the headers above? If so, is there a less-global way to trust just THAT sender, rather than what I presume to be SA-wide "always_trust_envelope_sender=1"?