Trusted Hosts

[le...@srs.gov]

I'm wanting to test SA's SPF implementation here by running a test message 
through a "sandbox" machine that
is configured like our production environment.

Our domain has an SPF record, and I've made sure that it's reflected on 
our internal network.  I've tested SPF
as a standalone implementation, and messages coming through that route get 
rejected like they're supposed
to.

When I try to hand this off to SA, it appears that my test machine and the 
message itself is getting flagged as
ALL_TRUSTED, and because of that, the SPF plugin doesn't even try to 
validate the IP against the domain.

What do I have to do in order to make this a "non-trusted" transaction?  I 
can't find how "ALL_TRUSTED" is set
or determined.

Thanks!

Re: Trusted Hosts

[Matt Kettler <mk...@comcast.net>]

leonard.gray@srs.gov wrote:
>
> I'm wanting to test SA's SPF implementation here by running a test
> message through a "sandbox" machine that
> is configured like our production environment.
>
> Our domain has an SPF record, and I've made sure that it's reflected
> on our internal network.  I've tested SPF
> as a standalone implementation, and messages coming through that route
> get rejected like they're supposed
> to.
>
> When I try to hand this off to SA, it appears that my test machine and
> the message itself is getting flagged as
> ALL_TRUSTED, and because of that, the SPF plugin doesn't even try to
> validate the IP against the domain.
>
> What do I have to do in order to make this a "non-trusted"
> transaction?  I can't find how "ALL_TRUSTED" is set
> or determined.
It finds out by either guessing, or by you setting it with the
trusted_networks command.

see:
http://wiki.apache.org/spamassassin/TrustPath