Dave Funk wrote: > If he's got his "trusted_networks" configured correctly (has his MX/relays > listed) shouldn't that take care of the problem? > > It looks like RCVD_IN_DNSWL_MED examines "firstuntrusted" and if he trusts > his MX/relays correctly then this shouldn't be happening.
Yes, exactly. We trust the relay IPs of a number of outside systems so that DNSBL checks on the relay IP work correctly; this includes a third-party filter we inherited from two different ISP buyouts and a number of hosting providers who host domain alias addresses forwarded to accounts on our system. I'm still on the fence about including Hotmail, Yahoo!, or Google IPs in this list - even if we get relay mail from them where a) our customer has eg their Hotmail account forwarded to their account with us, or b) a major ISP has outsourced their email to Yahoo! (eg Rogers, last I checked), and our customer has an old address at this provider forwarded to their account on our system. -kgd