You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by John Hardin <jh...@impsec.org> on 2009/04/30 04:18:14 UTC
sa-update and trusted_networks
...I thought 127/8 was in trusted networks by default with 3.2.mumble?
# sa-update -D
[27722] dbg: generic: SpamAssassin version 3.2.5
...
[27722] dbg: conf: trusted_networks are not configured; it is recommended
that you configure trusted_networks manually
Or is trusted_networks even relevant to sa-update?
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The real opiate of the masses isn't religion; it's the belief that
somewhere there is a benefit that can be delivered without a
corresponding cost. -- Tom of "Radio Free NJ"
-----------------------------------------------------------------------
9 days until the 64th anniversary of VE day
Re: sa-update and trusted_networks
Posted by John Hardin <jh...@impsec.org>.
On Thu, 30 Apr 2009, Matt Kettler wrote:
> An errant trusted_networks isn't going to hurt sa-update, and is
> probably a cosmetic bug.
That's what I thought, I just wanted to confirm.
Thanks!
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Gun Control enables genocide while doing little to reduce crime.
-----------------------------------------------------------------------
8 days until the 64th anniversary of VE day
Re: sa-update and trusted_networks
Posted by Matt Kettler <mk...@verizon.net>.
John Hardin wrote:
> On Wed, 29 Apr 2009, Matt Kettler wrote:
>
>> John Hardin wrote:
>>> ...I thought 127/8 was in trusted networks by default with 3.2.mumble?
>>>
>>> # sa-update -D
>>> [27722] dbg: generic: SpamAssassin version 3.2.5
>>> ...
>>> [27722] dbg: conf: trusted_networks are not configured; it is
>>> recommended that you configure trusted_networks manually
>>
>> If nothing is declared at all, the auto-guesser is engaged. 127/8 is
>> trusted, and working back in time from the most recent host, all
>> unroutable (ie: RFC reserved) IPs are trusted, and the first routable IP
>> is assumed to be your MX and is trusted.
>>
>> If you declare something manually, 127/8 is assumed in addition to what
>> you specify.
>
> Okay.
>
> That error is odd, because I have my MTA public address still defined,
> I just had removed 127/8 from the list.
It's possible that sa-update bypasses that part of the initialization.
If you don't get the same message out of spamassassin -D, I'd ignore it.
An errant trusted_networks isn't going to hurt sa-update, and is
probably a cosmetic bug.
Re: sa-update and trusted_networks
Posted by John Hardin <jh...@impsec.org>.
On Wed, 29 Apr 2009, Matt Kettler wrote:
> John Hardin wrote:
>> ...I thought 127/8 was in trusted networks by default with 3.2.mumble?
>>
>> # sa-update -D
>> [27722] dbg: generic: SpamAssassin version 3.2.5
>> ...
>> [27722] dbg: conf: trusted_networks are not configured; it is
>> recommended that you configure trusted_networks manually
>
> If nothing is declared at all, the auto-guesser is engaged. 127/8 is
> trusted, and working back in time from the most recent host, all
> unroutable (ie: RFC reserved) IPs are trusted, and the first routable IP
> is assumed to be your MX and is trusted.
>
> If you declare something manually, 127/8 is assumed in addition to what
> you specify.
Okay.
That error is odd, because I have my MTA public address still defined, I
just had removed 127/8 from the list.
>> Or is trusted_networks even relevant to sa-update?
>
> It's 100% irrelevant to sa-update.
Thought so.
> It is relevant to lots of rules in SA's mail scanning.
Yeah, I know that... :)
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Gun Control is marketed to the public using the appealing delusion
that violent criminals will obey the law.
-----------------------------------------------------------------------
9 days until the 64th anniversary of VE day
Re: sa-update and trusted_networks
Posted by Matt Kettler <mk...@verizon.net>.
John Hardin wrote:
> ...I thought 127/8 was in trusted networks by default with 3.2.mumble?
>
> # sa-update -D
> [27722] dbg: generic: SpamAssassin version 3.2.5
> ...
> [27722] dbg: conf: trusted_networks are not configured; it is
> recommended that you configure trusted_networks manually
If nothing is declared at all, the auto-guesser is engaged. 127/8 is
trusted, and working back in time from the most recent host, all
unroutable (ie: RFC reserved) IPs are trusted, and the first routable IP
is assumed to be your MX and is trusted.
If you declare something manually, 127/8 is assumed in addition to what
you specify.
>
> Or is trusted_networks even relevant to sa-update?
>
It's 100% irrelevant to sa-update. It is relevant to lots of rules in
SA's mail scanning.