On 10/4/19 12:22 PM, A. Schulze wrote:
Hi Grant,
Maybe we're talking about different things :-)
Based on your description, I believe we are talking about different
things. Thank you for the clarification.
The OpenDMARC bug could be triggered by this RFC5322.From:
From: user , user
I noticed the same thing this morning. This is new for me as of
yesterday. They appear legit, but they get caught up in my filters for
the dyn ip "appearance".
From: Kenneth Porter
Sent: Saturday, October 5, 2019 10:05 AM
To: users@spamassassin.apache.org
Sub
(Nothing wrong with SA. Just an FYI about a popular service that abuses the
Internet and SA catches it.)
I noticed one of my notifications from Facebook today got tagged by SA.
Here's the two that put it over:
3.9 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP addr 2)
1.5 RCV