Re: wordpress whitelist entry
On Tue, 9 Oct 2018 20:04:53 + David Jones wrote: > On 10/9/18 2:21 PM, RW wrote: > > > > I've recently noticed that newsletters from a small wordpress site > > are hitting USER_IN_DEF_SPF_WL. > > > > The headers are of the form: > > > >Return-Path: > >... > >To: m...@example.com > >From: Some Amateur Website > > > > and the use of the bounce handling subdomain b.wordpress.com is > > causing a match on: > > > >def_whitelist_auth *@*.wordpress.com > > > > Theses emails are legitimate, and I've not had much wordpress spam, > > but they are essentially freemail bulk mail. > > > > I am not understanding the question or issue. If they 1) don't send > spam, 2) only send opt-in email with a valid opt-out option and 3) > they quickly handle any abuse reports then they should be considered > a trusted sender. Since these are system-generated emails and not > real human mailboxes that can be compromised to send spam, then that > def_whitelist_auth entry is safe. They aren't system generated, they come from individual end-users. For all we know, users who run XP boxes and don't know what a firewall is. It may well be that wordpress has the whole thing nailed down with enforced opt-ins, CAPTCHAs etc. Without actually knowing that, it seems a legitimate cause for concern.
Re: wordpress whitelist entry
On 10/9/18 2:21 PM, RW wrote: > > I've recently noticed that newsletters from a small wordpress site are > hitting USER_IN_DEF_SPF_WL. > > The headers are of the form: > >Return-Path: >... >To: m...@example.com >From: Some Amateur Website > > and the use of the bounce handling subdomain b.wordpress.com is > causing a match on: > >def_whitelist_auth *@*.wordpress.com > > Theses emails are legitimate, and I've not had much wordpress spam, but > they are essentially freemail bulk mail. > I am not understanding the question or issue. If they 1) don't send spam, 2) only send opt-in email with a valid opt-out option and 3) they quickly handle any abuse reports then they should be considered a trusted sender. Since these are system-generated emails and not real human mailboxes that can be compromised to send spam, then that def_whitelist_auth entry is safe. Once we find evidence that any def_whitelist_auth sender fails to follow all 3 rules above then post an example here via pastebin.com and we will take appropriate action. -- David Jones
wordpress whitelist entry
I've recently noticed that newsletters from a small wordpress site are hitting USER_IN_DEF_SPF_WL. The headers are of the form: Return-Path: ... To: m...@example.com From: Some Amateur Website and the use of the bounce handling subdomain b.wordpress.com is causing a match on: def_whitelist_auth *@*.wordpress.com Theses emails are legitimate, and I've not had much wordpress spam, but they are essentially freemail bulk mail.
unsubscribe
unsubscribe
Re: What is rule: KP_LIST_ID_DOMAIN_IN_RACKETS?
> RW kirjoitti 6.10.2018 kello 17.17: > > On Sat, 6 Oct 2018 10:57:00 +0300 > Jari Fredriksson wrote: > >> -15 KP_LIST_ID_DOMAIN_IN_BRACKETS List-id has domain in angle >>brackets >> >> This exists in lots and lots of my spam, and that -15 its seems very >> odd… >> >> This appeared with 3.4.2 last week… > > It was posted to this list in this thread: > > http://spamassassin.1065346.n5.nabble.com/Malformed-List-Id-header-td150228.html > > __KP_LIST_ID_DOMAIN_IN_BRACKETS was part of a test for a malformed > list-id. Assigning a score to it was just a part of the author's local > workflow at the time. > > It's not in the rules at the moment. > Thanks. I found it from my local rules. Bah… br. jarif