You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Stuart Johnston <st...@ebby.com> on 2006/08/04 23:26:16 UTC
Internal Networks Not Trusted?
Shouldn't internal_networks be automatically trusted? When I use this config:
internal_networks 127/8 10.
trusted_networks 216.65.194.186
I get this:
[15275] dbg: received-header: parsed as [ ip=10.2.100.6 rdns= helo= by=ebby.com ident= envfrom=
intl=0 id=25268392 auth= ]
[15275] dbg: received-header: relay 10.2.100.6 trusted? no internal? no
[15275] dbg: received-header: parsed as [ ip=127.0.0.1 rdns=gateway.ebby.com helo=localhost
by=gateway.ebby.com ident= envfrom= intl=0 id=9C24A14E5D3 auth= ]
[15275] dbg: received-header: relay 127.0.0.1 trusted? no internal? no
[15275] dbg: received-header: parsed as [ ip=127.0.0.1 rdns= helo=gateway.ebby.com by=localhost
ident= envfrom= intl=0 id=10731-01-4 auth= ]
[15275] dbg: received-header: relay 127.0.0.1 trusted? no internal? no
[15275] dbg: received-header: parsed as [ ip=217.70.59.152 rdns=m152.zicom.pl helo=m152.zicom.pl
by=gateway.ebby.com ident= envfrom= intl=0 id=3A7C514E5F6 auth= ]
[15275] dbg: received-header: relay 217.70.59.152 trusted? no internal? no
Nobody is trusted or internal! Is there any reason you would want something internal but not
trusted? It doesn't look like that would work anyway. If I repeat the internal_networks as
trusted_networks, it gets what I want but seems unnecessarily redundant.
Am I missing something?
Re: Internal Networks Not Trusted?
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
Stuart Johnston wrote:
> Shouldn't internal_networks be automatically trusted? When I use this
> config:
>
> internal_networks 127/8 10.
> trusted_networks 216.65.194.186
>
> I get this:
>
> [15275] dbg: received-header: parsed as [ ip=10.2.100.6 rdns= helo=
> by=ebby.com ident= envfrom= intl=0 id=25268392 auth= ]
> [15275] dbg: received-header: relay 10.2.100.6 trusted? no internal? no
> [15275] dbg: received-header: parsed as [ ip=127.0.0.1
> rdns=gateway.ebby.com helo=localhost by=gateway.ebby.com ident= envfrom=
> intl=0 id=9C24A14E5D3 auth= ]
> [15275] dbg: received-header: relay 127.0.0.1 trusted? no internal? no
> [15275] dbg: received-header: parsed as [ ip=127.0.0.1 rdns=
> helo=gateway.ebby.com by=localhost ident= envfrom= intl=0 id=10731-01-4
> auth= ]
> [15275] dbg: received-header: relay 127.0.0.1 trusted? no internal? no
> [15275] dbg: received-header: parsed as [ ip=217.70.59.152
> rdns=m152.zicom.pl helo=m152.zicom.pl by=gateway.ebby.com ident=
> envfrom= intl=0 id=3A7C514E5F6 auth= ]
> [15275] dbg: received-header: relay 217.70.59.152 trusted? no internal? no
>
>
> Nobody is trusted or internal! Is there any reason you would want
> something internal but not trusted?
No.
> It doesn't look like that would
> work anyway. If I repeat the internal_networks as trusted_networks, it
> gets what I want but seems unnecessarily redundant.
>
> Am I missing something?
Yes.
The trusted and internal networks config is designed to do its best not
to mislead you into thinking you've configured it correctly. The above
configuration would cause a lint error in version 3.1.1 and later.
If it were to simply add your internal networks to trusted networks you
probably wouldn't have asked why it didn't do that and thus nobody would
tell you that 216.65.194.186 (gateway.ebby.com), your MX, should also be
included in internal networks (in fact you only need to configure
trusted networks since your internal networks should be the same).
Daryl
Re: Internal Networks Not Trusted?
Posted by Matt Kettler <mk...@comcast.net>.
Stuart Johnston wrote:
> Shouldn't internal_networks be automatically trusted?
Not when you manually declare both, such as below:
> When I use this config:
>
> internal_networks 127/8 10.
> trusted_networks 216.65.194.186