You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spamassassin.apache.org by Apache Wiki <wi...@apache.org> on 2011/10/11 21:11:18 UTC

[Spamassassin Wiki] Update of "TrustPath" by Darxus

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Spamassassin Wiki" for change notification.

The "TrustPath" page has been changed by Darxus:
http://wiki.apache.org/spamassassin/TrustPath?action=diff&rev1=29&rev2=30

Comment:
Adding X-Spam-RelaysUntrusted header for testing

      * SPF tests misfiring (failing when they should pass and vice versa).
      * False positives on non-spam mail coming from "dynamic" or "dialup" addresses in your own network.
      * AutoWhitelist mismatches on forged mail due to confusion about the source IP.
+ 
+ Your trust path can be tested by adding the following to your !SpamAssassin config:
+ {{{
+ add_header all RelaysUntrusted _RELAYSUNTRUSTED_
+ }}}
+ 
+ This will add headers similar to "{{{X-Spam-!RelaysUntrusted: [ ip=140.211.11.3 rdns=hermes.apache.org....}}}".  The first IP address is the IP which will be used for network tests like RBLs and SPF.
  
  
  If you see these warning signs frequently, you probably need to manually configure trusted_networks. See the [[http://spamassassin.apache.org/doc/Mail_SpamAssassin_Conf.html|Mail::Spamassassin::Conf]] manpage for details. Generally you want trusted_networks set to contain all the mailservers you control that add Received: headers, and nothing else. For proper operation of DUL and SPF tests on authenticated mail submission from dynamic/"dialup" hosts, see DynablockIssues.