--- local.cf.orig	2016-10-24 21:29:10.000000000 +0200
+++ local.cf	2016-10-25 18:48:39.000000000 +0200
@@ -15,18 +15,20 @@
 #   Save spam messages as a message/rfc822 MIME attachment instead of
 #   modifying the original message (0: off, 2: use text/plain instead)
 #
-# report_safe 1
+report_safe 0
 
 
 #   Set which networks or hosts are considered 'trusted' by your mail
 #   server (i.e. not spammers)
 #
-# trusted_networks 212.17.35.
+internal_networks 188.183.5.254/32
+trusted_networks 188.183.5.254/32 80.68.88.141/32 217.197.91.142 94.18.231.208/29 146.185.137.224
+whitelist_bounce_relays mail.bitbase.dk mail.free-owl.de mail.homebase.dk mail.copyninja.info
 
 
 #   Set file-locking method (flock is not safe over NFS, but is faster)
 #
-# lock_method flock
+lock_method flock
 
 
 #   Set the threshold at which a message is considered spam (default: 5.0)
@@ -55,7 +57,7 @@
 #   Whether to decode non- UTF-8 and non-ASCII textual parts and recode
 #   them to UTF-8 before the text is given over to rules processing.
 #
-# normalize_charset 1
+normalize_charset 1
 
 #   Some shortcircuiting, if the plugin is enabled
 # 
@@ -79,7 +81,7 @@
 #   if you have taken the time to correctly specify your "trusted_networks",
 #   this is another good way to save CPU
 #
-# shortcircuit ALL_TRUSTED             on
+shortcircuit ALL_TRUSTED             on
 
 #   and a well-trained bayes DB can save running rules, too
 #
@@ -87,3 +89,12 @@
 # shortcircuit BAYES_00                ham
 
 endif # Mail::SpamAssassin::Plugin::Shortcircuit
+
+#   Avoid bayesian filter (requires continuous training)
+use_learner 0
+
+#   Treat non-Western charsets as suspicious
+ok_locales en
+
+#   Avoid BarracudaCentral (too aggressive)
+dns_query_restriction deny barracudacentral.org