Hello, On Tue, Feb 06, 2018 at 03:34:34PM -0800, Laura Atkins wrote: > > On Feb 6, 2018, at 2:49 PM, John Levine <jo...@taugh.com> wrote: > > Putting a URL in a List-Unsubscribe header is an entirely reasonable > > thing to do, and lots of ESPs do it. > > Lots of non-ESPs do it, too. > > List-Unsubscribe: <https://chilli.nosignal.org/cgi-bin/mailman/options/mailop>
When it comes to SpamCop it is never offering to report URLs found in a List-Unsubscribe header so it must have been taught to ignore those. It is also ignoring URLs in the header X-Spam-Report, the default SpamAssassin report header. The problem comes when a custom report header is used, e.g.: X-Zen-Spam-Report: * -0.5 FIRST_RELAY_GB No description available. * -0.0 ZEN_PTR_PASS Passed Mail Relay Reverse DNS Test * -0.0 ZEN_HELO_PASS Passed HELO Reverse DNS Test * 1.0 RCVD_IN_SENDERSCORE_25_49 RBL: Senderscore 25-49 * [37.61.232.130 listed in score.senderscore.com] * 3.0 RCVD_IN_S5HBL RBL: Listed at all.s5h.net * [See <http://s5h.net/rbl>] * 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail * domains are different * 1.6 SUBJ_ALL_CAPS Subject is all capitals * 0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4 * address * 0.0 HTML_MESSAGE BODY: HTML included in message * 1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts * -0.1 KAM_RPTR_PASSED No description available. * 2.0 KAM_BADIPHTTP Due to the Storm Bot Network, IPs in emails is bad * 0.0 RCVD_NOT_IN_IPREPDNS Sender not listed at * http://www.chaosreigns.com/iprep/ * 0.5 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any * anti-forgery methods * -0.5 ZEN_PTR_PASS_GOOD Passed Mail Relay Reverse DNS Test - Good Rep (Zen being a fairly large UK broadband provider) Now the SpamCop user is allowed to report s5h.net and chaosreigns.com, and some inevitably do because there is just one "report" button that sends all reports at once. Obviously whitelisting by header isn't going to work since the report header can be anything, and there's going to be lots of other headers where URLs can be useful. I question the value in SpamCop looking at anything in an X- header. The end user is not normally going to be seeing them, so the concept of them being "spamvertized" doesn't really follow for me. That's not to say the headers shouldn't be considered by a Bayes technique or whatever. Anyway, if anyone on list knows the SpamCop people maybe you could mention it, other than that I'll shut up about it. :) Cheers, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
