On 2021-04-12 03:11 AM, Matthias Leisi wrote:
> -2.0 RCVD_IN_DNSWL_HI RBL: Sender listed at
> https://www.dnswl.org/,
> high trust
> [203.160.71.180 listed in list.dnswl.org [1]] I looked up this, and the other
> one, and didn't find them in dnswl. As
> others said, if you are using publi
>> -2.0 RCVD_IN_DNSWL_HI RBL: Sender listed at
>> https://www.dnswl.org/,
>>high trust
>>[203.160.71.180 listed in list.dnswl.org]
> I looked up this, and the other one, and didn't find them in dnswl. As
> others said, if you are usin
Steve Dondley writes:
> Note: I've changed the score of RCVD_IN_DNSWL_HI hits to -2.0 from
> -5.0 until I get my misconfiguration figured out. Thanks for your
> patience.
Fair enough; that's not an unreasonable thing to do.
Probably you want to turn report_safe to 0 for doing this testing.
>
On 10 Apr 2021, at 12:55, Steve Dondley wrote:
You should fix URIBL_BLOCKED first.
You need a local, caching, non-forwarding DNS server for
SpamAssassin.
Yeah, setting up a DNS server for SA is on my todo list. Thanks.
When you say local, it doesn't have to be on the same machine as
spamass
On 2021-04-10 17:51, Steve Dondley wrote:
I have been looking at this issue a little more. I just grepped my
spam folder. Out of 1000 emails I have flagged as spam, 321 have been
flagged with RCVD_DNSWL_HI, a rule which adds -5 points to the eamil.
That's almost 1 out of 3 emails which seems pret
On 2021-04-10 17:36, Steve Dondley wrote:
Is anyone else seeing spam getting flagged with RCVD_DNSWL_HI
resulting in so many false positives?
report this ip to dnswl with content as provding evedence, you know
admins from dnswl.org here recently asked for this ?
You should fix URIBL_BLOCKED first.
You need a local, caching, non-forwarding DNS server for SpamAssassin.
Yeah, setting up a DNS server for SA is on my todo list. Thanks.
When you say local, it doesn't have to be on the same machine as
spamassassin, does it? I assume I can have the DNS ser
It would be helpful to post an entire actual set of headers --
unmodified -- along with the spamassassin -t report. I can't figure
out (from what you posted) the IP address of the server that was in
DNSWL_HI that delivered mail to your internal/trusted network.
OK, here is the entire output
On 10 Apr 2021, at 12:19, Steve Dondley wrote:
On 2021-04-10 12:10 PM, Greg Troxel wrote:
Steve Dondley writes:
Here are the headers from some egregious spam. It scored a whopping
20.8 point despite being flagged with "RCVD_IN_DNSWL_HI."
Return-Path:
Delivered-To: s...@example.com
Received
Steve Dondley writes:
> On 2021-04-10 12:10 PM, Greg Troxel wrote:
>> Steve Dondley writes:
>>
>>> Here are the headers from some egregious spam. It scored a whopping
>>> 20.8 point despite being flagged with "RCVD_IN_DNSWL_HI."
>>>
>>> Return-Path:
>>> Delivered-To: s...@example.com
>>> Recei
You do obviously have a very misconfigured system on your end.
Den 10-04-2021 kl. 17:51 skrev Steve Dondley:
>
> X-Spam-Status: Yes, score=20.8 required=5.0 tests=BASE64_LENGTH_79_INF,
> [...]
> ***RCVD_IN_DNSWL_HI***,RCVD_IN_PSBL,RCVD_IN_RP_RNBL,RCVD_IN_SBL_CSS,
> RCVD_IN_VALIDITY_RPB
Steve Dondley writes:
Here are the headers from some egregious spam. It scored a whopping
20.8 point despite being flagged with "RCVD_IN_DNSWL_HI."
Return-Path:
Delivered-To: s...@example.com
Received: from email.example.com
by email.example.com with LMTP
id AnV2NSCZbmCTcQAAB60
Steve Dondley writes:
> From: Steve Dondley
> Date: Sat, 10 Apr 2021 11:51:16 -0400
>
>
> > I have been looking at this issue a little more. I just grepped my
> > spam folder. Out of 1000 emails I have flagged as spam, 321 have been
> > flagged with RCVD_DNSWL_HI, a rule which adds -5 poi
On 2021-04-10 12:10 PM, Greg Troxel wrote:
Steve Dondley writes:
Here are the headers from some egregious spam. It scored a whopping
20.8 point despite being flagged with "RCVD_IN_DNSWL_HI."
Return-Path:
Delivered-To: s...@example.com
Received: from email.example.com
by email.example
Steve Dondley writes:
> Here are the headers from some egregious spam. It scored a whopping
> 20.8 point despite being flagged with "RCVD_IN_DNSWL_HI."
>
> Return-Path:
> Delivered-To: s...@example.com
> Received: from email.example.com
> by email.example.com with LMTP
> id AnV2NSCZ
I have been looking at this issue a little more. I just grepped my
spam folder. Out of 1000 emails I have flagged as spam, 321 have been
flagged with RCVD_DNSWL_HI, a rule which adds -5 points to the eamil.
That's almost 1 out of 3 emails which seems pretty insane.
Here are the headers from s
On 2021-04-06 11:48 AM, Steve Dondley wrote:
I have emails that have been flagged as spam in the past but that are
still getting through, presumably because the servers are on some
DNSWL.
Example:
X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_99,BAYES_999,
DATE_IN_PAST_03_06,DKIM_SI
RW writes:
> On Tue, 06 Apr 2021 12:03:52 -0400
> Greg Troxel wrote:
>
>
>> You can and probably should report spam to dnswl. In theory HI should
>> have essentially no spam.
>
> I thought that because I've never received a single spam with it, but in
> mass checks it's at 0.23% of spam.
Do y
On Tue, 06 Apr 2021 12:03:52 -0400
Greg Troxel wrote:
> You can and probably should report spam to dnswl. In theory HI should
> have essentially no spam.
I thought that because I've never received a single spam with it, but in
mass checks it's at 0.23% of spam.
Den 06-04-2021 kl. 19:23 skrev Bill Cole:
> Because DNSWL has problematic sources,
Depending on the eyes looking at it, for NONE, maybe true? - "These are
legitimate mail servers, but they may also emit spam or have other
issues from time to time."
But there shouldn't be any kind of "problemati
On 2021-04-06 21:12, Arne Jensen wrote:
Den 06-04-2021 kl. 17:48 skrev Steve Dondley:
I have emails that have been flagged as spam in the past but that are
still getting through, presumably because the servers are on some
DNSWL.
Example:
X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_
Den 06-04-2021 kl. 17:48 skrev Steve Dondley:
> I have emails that have been flagged as spam in the past but that are
> still getting through, presumably because the servers are on some DNSWL.
>
> Example:
>
> X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_99,BAYES_999,
> DATE_IN_PAST_0
On 6 Apr 2021, at 11:48, Steve Dondley wrote:
I have emails that have been flagged as spam in the past but that are
still getting through, presumably because the servers are on some
DNSWL.
Example:
X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_99,BAYES_999,
DATE_IN_PAST_03_06,DKI
Steve Dondley writes:
> I have emails that have been flagged as spam in the past but that are
> still getting through, presumably because the servers are on some
> DNSWL.
>
> Example:
>
> X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_99,BAYES_999,
> DATE_IN_PAST_03_06,DKIM_SIGNED,DKI
I have emails that have been flagged as spam in the past but that are
still getting through, presumably because the servers are on some DNSWL.
Example:
X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_99,BAYES_999,
DATE_IN_PAST_03_06,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,
HTML_IMAGE
25 matches
Mail list logo