https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7915

            Bug ID: 7915
           Summary: TLD Discrimination
           Product: Spamassassin
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Rules
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: Undefined

Let me start by saying that I am not a user of SpamAssassin. However, I am a
developer. I run a small software company at www.weavers.space. Sending email
to my customers has been a major pain for years. And it's all because of your
software discriminating on non-traditional TLDs. 

I sent an email to my customers today and received a X-Spam-Score of 4.9.
Anything above a 5 is considered spam. I know that many of my customers miss
emails that they signed up to receive because it gets added into SPAM. 

I have worked very hard to improve my emails so that I get the lowest score
possible. I think that I have reached a place where getting my score any lower
is virtually impossible. Here are the results from testing my latest email that
I sent to my customers. 

X-Spam-Hits: BAYES_50 0.8, FROM_SUSPICIOUS_NTLD 0.499, FROM_SUSPICIOUS_NTLD_FP
1.6, HTML_FONT_LOW_CONTRAST 0.001, HTML_IMAGE_RATIO_04 0.001, HTML_MESSAGE
0.001, ME_HAS_VSSU 0.001, ME_SENDERREP_NEUTRAL 0.001, PDS_OTHER_BAD_TLD 1.999,
RCVD_IN_DNSWL_NONE -0.0001, RCVD_IN_MSPIKE_H3 0.001, RCVD_IN_MSPIKE_WL 0.001,
SPF_HELO_NONE 0.001, SPF_PASS -0.001, T_REMOTE_IMAGE 0.01, LANGUAGES en,
BAYES_USED user, SA_VERSION 3.4.2

If we look at this, there are 3 tests that are 100% biased based solely on my
domain's .space TLD:

* FROM_SUSPICIOUS_NTLD 0.499
* FROM_SUSPICIOUS_NTLD_FP 1.6
* PDS_OTHER_BAD_TLD 1.999

Based on just these 3 tests alone, I have a spam score of 4.1! This means if
SpamAssassin did not discriminate based on TLD, I would have a really amazing
score of 0.8. 

I can fully understand that many spammers work from fringe TLDs. However, there
must be a better way to target them than simply blindly blocking a TLD. Why
not take into account SPF, DKIM and DMARC? 

Punishing valid businesses by giving them a starting score of 4.1 just because
they chose an irregular TLD is immoral and, dare I say, lazy. A better solution
needs to be found.

I have scoured the internet for a better solution for years. There is very
little out there about this. If I am making any wrong assumptions, please let
me know. I look forward to hearing back from you.

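Added example (not part of the bug report and not SpamAssassin code): a mail administrator's audit of the X-Spam-Hits value quoted in the report, splitting the total score into the share contributed by a chosen group of rules and the remainder. The header format is inferred from that one sample, the threshold of 5 is the one the report states, and `parse_hits`, `breakdown` and `TLD_RULES` are names introduced here.

```python
import re
from decimal import Decimal

# X-Spam-Hits value copied from the report above, line folding included.
SAMPLE_HITS = """BAYES_50 0.8, FROM_SUSPICIOUS_NTLD 0.499, FROM_SUSPICIOUS_NTLD_FP
1.6, HTML_FONT_LOW_CONTRAST 0.001, HTML_IMAGE_RATIO_04 0.001, HTML_MESSAGE
0.001, ME_HAS_VSSU 0.001, ME_SENDERREP_NEUTRAL 0.001, PDS_OTHER_BAD_TLD 1.999,
RCVD_IN_DNSWL_NONE -0.0001, RCVD_IN_MSPIKE_H3 0.001, RCVD_IN_MSPIKE_WL 0.001,
SPF_HELO_NONE 0.001, SPF_PASS -0.001, T_REMOTE_IMAGE 0.01, LANGUAGES en,
BAYES_USED user, SA_VERSION 3.4.2"""

# The three rules the report attributes solely to the .space TLD.
TLD_RULES = frozenset(
    {"FROM_SUSPICIOUS_NTLD", "FROM_SUSPICIOUS_NTLD_FP", "PDS_OTHER_BAD_TLD"}
)
_SCORE = re.compile(r"-?\d+(?:\.\d+)?")


def parse_hits(value):
    """Return ({rule: Decimal score}, {key: text}) from an X-Spam-Hits value.

    Assumed format (inferred from the one sample in the report): comma-separated
    "NAME value" pairs; non-numeric values (LANGUAGES, SA_VERSION) are metadata.
    """
    scores, meta = {}, {}
    unfolded = re.sub(r"\s+", " ", value)  # folded lines become single spaces
    for item in unfolded.split(","):
        name, _, rest = item.strip().partition(" ")
        if not name:
            continue
        if _SCORE.fullmatch(rest):
            scores[name] = Decimal(rest)  # Decimal avoids float rounding drift
        else:
            meta[name] = rest
    return scores, meta


def breakdown(scores, group=TLD_RULES, threshold=Decimal("5")):
    """Split the total into the share from `group` and everything else."""
    total = sum(scores.values(), Decimal(0))
    grouped = sum((s for r, s in scores.items() if r in group), Decimal(0))
    return {
        "total": total,
        "group": grouped,
        "without_group": total - grouped,
        "headroom": threshold - total,  # distance below the spam threshold
        "top": sorted(scores, key=scores.get, reverse=True)[:3],
    }
```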