On 06/19/2018 10:38 AM, Andy Smith wrote:
This has literally just come through to me, zero BAYES and got passed my
custom rule as the HREF URL has changed:
thanks, Andy.
On 19-06-2018 17:33, Kevin A. McGrail wrote:
Well you are welcome to send me new Spamples to look at. As I noted,
I've never seen these variants and RBLs aren't hitting them which ALSO
means you have some new variants.
Regards,
KAM
Content analysis details: (11.0 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
1.2 ENA_SUBJ_INVOICE Subject contains suspicious invoice wording
0.2 SPF_NONE SPF: sender does not publish an SPF Record
0.0 HTML_MESSAGE BODY: HTML included in message
1.2 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.5037]
3.2 DCC_CHECK Detected as bulk mail by DCC (dcc-servers.net)
0.8 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
anti-forgery methods
2.2 ENA_RELAY_NOT_US Relayed from outside the US and not on
whitelists
2.2 ENA_SPF_NONE Add points for suspicious emails that don't
have an SPF
setup.
0.0 ENA_BAD_SPAM Spam hitting really bad rules.
I am trying to reply to this thread but these emails look so spammy that
my outbound filtering is blocking them.
FYI The IVM_URI BL is catching onto these very quickly. Good job, Rob!
--
David Jones