I have a user site geographically remote to my mail server, I've told them to use SMTP AUTH to be able to use the SMTP server, but, looking at the mail header of email I see this[1];
doing mxtoolbox lookup I see the IP addresses are listed in several blacklists[2]; one of the addresses is blacklisted for[3]: so, the remote site has a problem with potentially malware or spambots; I've told them to 'fix it' BUT, in the meanwhile, is there a way to exempt these user's mails from these sa scores ? as now I have a problem with their interoffice emails ending up as spam on the server spam mailbox it's a virtual email hosting, so I'm trying to reduce only this domain's sa scoring, temprarily, till they fix their problem I've entered their domian.tld in spamlovers, though, doesn't seem to help [1] X-Spam-Status: No, score=4.768 tagged_above=0.5 required=5.2 tests=[AWL=-0.099, BAYES_00=-1.9, RCVD_IN_BRBL_LASTEXT=1.449, RCVD_IN_PBL=3.335, RCVD_IN_SORBS_DUL=0.001, RDNS_DYNAMIC=0.982, TO_NO_BRKTS_DYNIP=1] autolearn=no X-Spam-Status: No, score=4.741 tagged_above=0.5 required=5.2 tests=[BAYES_00=-1.9, RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_BRBL_LASTEXT=1.449, RCVD_IN_PSBL=2.7, RCVD_IN_SORBS_WEB=0.77, RCVD_IN_XBL=0.375] autolearn=no X-Spam-Status: Yes, score=6.783 tag=0.5 tag2=5.2 kill=5.9 tests=[AWL=-1.776, BAYES_00=-1.9, FSL_HELO_NON_FQDN_1=0.001, HELO_NO_DOMAIN=1, HTML_MESSAGE=0.001, RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_BRBL_LASTEXT=1.449, RCVD_IN_PSBL=2.7, RCVD_IN_RP_RNBL=1.31, RCVD_IN_SORBS_WEB=0.77, RCVD_IN_XBL=0.375, SUBJ_ALL_CAPS=1.506] autolearn=no [2] http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a61.90.192.106 http://cbl.abuseat.org/lookup.cgi?ip=61.90.192.106 [3] --- It was detected at 2010-02-25 10:00 GMT (+/- 30 minutes), approximately 14 hours ago. There will usually be a link to self-remove this IP from the CBL at the end of this page, but read the following text first ATTENTION: At the time of detection, this IP was infected with, or NATting for a computer infected with a high volume spam sending trojan - it is participating or facilitating a botnet sending spam or spreading virus/spam trojans. ATTENTION: If you simply repeatedly remove this IP address from the CBL without correcting the problem, the CBL WILL eventually stop letting you delist it and you will have to contact us directly. This is the rustock spamBOT --- -- Voytek ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/