>> It will if you enable SHORTCIRCUIT'ing of whitelist_from > no it will not, it skips many rules which would not have any effect > because the large negative score but it *will not* bypass
Technically it doesn't bypass SA but it effectively does the same thing. Depends on what you mean by "bypass." If you don't want SA involved at all, then you are correct. If you want all your mail to go through SA and some safely and reliably skipped with minimal CPU hits, then you can do this with SHORTCIRCUIT and whitelist_auth/ whitelist_from_rcvd. There is a valid use for whitelist_from_spf and whitelist_from_dkim when you trust the sending mail server but you don't want to trust any mail server to send for that domain.