spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From MySQL Student <mysqlstud...@gmail.com>
Subject Valid mail from blacklisted dynamic IPs
Date Fri, 09 Oct 2009 01:07:53 GMT
Hi,

I have a set of users that are authorized to use the mail server via
pop-before-smtp, but SA catches the mail they send through the system
as spam because they are on blacklisted Verizon or Comcast IPs:

X-Spam-Status: Yes, hits=5.4 tag1=-300.0 tag2=5.0 kill=5.0
 use_bayes=1 tests=BAYES_50, BOTNET, FH_HOST_EQ_VERIZON_P, RCVD_IN_PBL,
 RCVD_IN_SORBS_DUL, RDNS_DYNAMIC, RELAYCOUNTRY_US, SPF_SOFTFAIL

I also don't understand how SPF_SOFTFAIL could happen when there
wasn't any SPF record to test to begin with.

One of the Comcast users:

X-Spam-Status: Yes, hits=6.4 tag1=-300.0 tag2=5.0 kill=5.0
 use_bayes=1 tests=BAYES_50, BOTNET, DYN_RDNS_SHORT_HELO_HTML, HTML_MESSAGE,
 RCVD_IN_PBL, RCVD_IN_SORBS_DUL, RDNS_DYNAMIC, RELAYCOUNTRY_US, SPF_SOFTFAIL,
 SUBJ_ALL_CAPS

We are working on better Bayes training, but sans that problem, what
is the right way to address this, through a rule that whitelists their
specific IP?

Another mail that I'm dealing with is one sent by Marriott that hit
SARE_HTML_URI_REFID, DCC_CHECK, and AE_DETAILS_WITH_MONEY, among being
whitelisted by JMF/HOSTKARMA. I don't know how it hit DCC when there
are details in there specific to the user, including account numbers,
user names, etc. How should I go about allowing this type of mail
without disrupting its ability to block mail that should be blocked
with these rules? I'm sure I can add a rule subtracting points if it
hits these and comes from Marriott, but I thought there might be
something that could address the more general problem rather than this
specific one from Marriott. Perhaps I'm making it too hard.

Thanks,
Alex

Mime
View raw message