spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex <mysqlstud...@gmail.com>
Subject RCVD_IN_SBL_CSS and "deep headers"
Date Tue, 07 Jun 2016 17:46:13 GMT
Hi all,

I'm curious about the RCVD_IN_SBL_CSS rule and its 3.5 score. Doesn't
this seem a bit high?

I'm already using postscreen to add 4 points to messages received with
zen/sbl with return code 127.0.0.3, but also seeing quite a few
RCVD_IN_SBL_CSS hits, so I'm assuming this is the result of the 4
postscreen points not being enough for it to be rejected outright,
then subsequently being tagged by spamassassin.

These are "deep header" rules, though. Should users be penalized so
severely for using a dynamic address when it may not have been them
responsible for sending the spam that blacklisted that IP?

Many times it's only the X-Originating-IP header:

X-Originating-IP: [197.211.53.34]

This may be the dynamic IP used by the end-user to connect to their
ISP. I'd appreciate any thoughts on how to handle these cases. The
full headers for this message are here:

http://pastebin.com/6b7MTeYa

Thanks,
Alex

Mime
View raw message