Re: Messages from outer clients marked as spam

Mon, 23 Jan 2023 08:37:58 -0800 

Since the beginning of this year, however, incoming (SMTP authenticated)
mail from clients outside the LAN is marked as spam.
E.g.
> X-Spam-Score: 10.756 (**********)
BAYES_00,KAM_DMARC_REJECT,KAM_DMARC_STATUS,KAM_LOTSOFHASH,KHOP_HELO_FCRDNS,LOT
S_OF_MONEY,PDS_RDNS_DYNAMIC_FP,RCVD_IN_PBL,RCVD_IN_ZEN_LASTEXTERNAL,RDNS_DYNAM
IC,SPF_FAIL,TO_EQ_FM_DOM_SPF_FAIL


On 23.01.23 16:05, Marc wrote:

Don't you have more details? Looks to me you are on dns blacklists, your spf is 
not good etc.



You have misunderstood the problem. Authenticated clients are those who 
submit mail wia OP's server, so the SPF/DKIM/DMARC can't match as they match 
when they go out of the OP's server.



Also, it's common for authenticated clients to send mail from dynamic IP 
addresses, they don't leave the OP's server using dynamic IP anymore.



Right now I instructed MIMEDefang to avoid passing authenticated mails
to SpamAssassin, but this is not what I ideally want. (If a client gets
compromised...).



I fully understand this.  except checking DNSBLs for dynamic IP and 
SPF/DKIM/DMARC checks, all other checks like BAYES, RAZOR/PYZOR/DCC are 
useful there.



My real wish would be to always run messages through SpamAssassin, but
avoid RBL/SPF/DMARC/dynamic IPs/etc... checks for those that come from
an authenticated client, as these rules make no sense in that case.



What's the best practice to achieve this result?



Separate in and out going servers and different configurations for their 
spamassassin.  It is almost impossible to have in/out going combined.



That's correct but often also expensive, impossible and ineffective 

(e.g.  when you want to match incoming mail onto outgoing to check whether 
it's real reply to existing problem)




Unfortunately SpamAssassin does not have set of rules to ignore for 
outgoing mail, nor special scores for those.


--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Depression is merely anger without enthusiasm.






















					Reply via email to