https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7416
Dave Jones <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #4 from Dave Jones <[email protected]> --- The HEADER_FROM_DIFFERENT_DOMAINS rule in my SA 3.4.1 instance is in 72_active.cf: ifplugin Mail::SpamAssassin::Plugin::FreeMail ifplugin Mail::SpamAssassin::Plugin::HeaderEval if (version >= 3.004000) header HEADER_FROM_DIFFERENT_DOMAINS eval:check_equal_from_domains() describe HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different # score HEADER_FROM_DIFFERENT_DOMAINS 0.25 tflags HEADER_FROM_DIFFERENT_DOMAINS publish endif endif endif This is pretty clear that the FreeMail and HeaderEval plugin must be enabled before this rule is going to run. BTW, I am seeing many hits on this rule in my logs. Type-o on my previous search. It's mostly mail forwarded from google.com and other servers. It looks like this would work in a meta rule so we could close this bug even though this wouldn't help the original mailing list issue. The issue was an email sent as yahoo.co.jp through yahoo.com mail servers with a return/reply address of gmail.com. The spammer probably couldn't send the email from a Google account without being blocked or detected. This could best be handled in the FreeMail plugin to detect different sender and reply-to FreeMail domains to add a little to the score. -- You are receiving this mail because: You are the assignee for the bug.
