On 25/12/17 10:45, Reindl Harald wrote:
Am 25.12.2017 um 09:28 schrieb Sebastian Arcus:
On 23/12/17 10:01, Kevin A. McGrail wrote:
The 1st step is that a representaive of the rbl asks us to consider
for inclusion.
Thank you. If enough people receive spam sanctioned by a particular
whitelist, will the minus scores associated with their rule(s) be
reduced over time?
maybe, but why not just override the score in local.cf
/etc/mail/spamassassin/local-*.cf
score RCVD_IN_IADB_DK -0.3
score RCVD_IN_IADB_DOPTIN -1.0
score RCVD_IN_IADB_DOPTIN_GT50 -0.5
score RCVD_IN_IADB_DOPTIN_LT50 -0.1
score RCVD_IN_IADB_LISTED -0.001
score RCVD_IN_IADB_ML_DOPTIN -2.5
score RCVD_IN_IADB_OPTIN -0.05
score RCVD_IN_IADB_OPTIN_GT50 -0.2
score RCVD_IN_IADB_OPTIN_LT50 -0.1
score RCVD_IN_IADB_RDNS -0.05
score RCVD_IN_IADB_SENDERID -0.5
score RCVD_IN_IADB_SPF -0.1
score RCVD_IN_IADB_VOUCHED -2.0
I know I can override the scores for all sorts of things in local.cf.
The reason I was raising the question is because I was wondering if
whitelists can be used by unscrupulous marketing organisations to
effectively undo what is one of the main functions of SA - to reduce or
stop unsolicited email.
Also, any idea why are there 6 different rules associated with this
particular whitelist?
these are 6 different lists, just read the description you even posted
on the right side of the score
Well, they might be technically 6 different lists, but IADB is one
single entity, and including 6 different whitelists from them only looks
like a way to reduce the SA score for email from their "certified"
senders further. After all SA already checks separately for things like
RDNS, DKIM, SPF.
On December 23, 2017 3:03:26 AM EST, Sebastian Arcus
<s.ar...@open-t.co.uk> wrote:
What is the process of including whitelists in SA default
configs? It is
not the first time I see pretty obvious mailing list spam which has
quite high minus scores from 2-3 whitelists included in SA:
-1.5 RCVD_IN_IADB_OPTIN RBL: IADB: All mailing list mail is
opt-in
[205.201.128.83
<http://205.201.128.83> listed iniadb.isipp.com
<http://iadb.isipp.com>]
-0.1 RCVD_IN_IADB_DK RBL: IADB: Sender publishes Domain
Keys record
-0.2 RCVD_IN_IADB_RDNS RBL: IADB: Sender has reverse DNS record
-0.0 RCVD_IN_IADB_SENDERID RBL: IADB: Sender publishes Sender ID
record
-2.2 RCVD_IN_IADB_VOUCHED RBL: ISIPP IADB lists as vouched-for
sender
-0.1 RCVD_IN_IADB_SPF RBL: IADB: Sender publishes SPF record
-0.0 RCVD_IN_IADB_LISTED RBL: Participates in the IADB system
-0.0 RCVD_IN_IADB_OPTIN_GT50 RBL: IADB: Opt-in used more than 50%
of the
time
For the same message, Pyzor has a high score - which is correct:
2.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
2.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)