G'day everyone, I received a legitimate email from Hotmail today, which (I believe) inappropriately triggered the FORGED_HOTMAIL_RCVD rule in my SpamAssassin (version 3.1.5). The email from Hotmail was actually a bounce-back to an email sent by one of my users to a Hotmail address - it was bouncing back as a "no such user" error from Hotmail, but I think that's not relevant.
There were only two Received headers in the email from Hotmail, and they are as follows (unchanged except for the munging of mydomain.com). The top-most Received header was added by my server, and is therefore reliable, as is the Hotmail IP stated there - 65.54.246.140. Can anyone tell me why the FORGED_HOTMAIL_RCVD rule misfired, and what I might be able to do about it?.... ---------------------- Received: from bay0-omc2-s4.bay0.hotmail.com (bay0-omc2-s4.bay0.hotmail.com [65.54.246.140]) by mail.mydomain.com (mail.mydomain.com [87.230.126.33]) (MDaemon PRO v9.5.0gm1) with ESMTP id md50000068214.msg for <[EMAIL PROTECTED]>; Mon, 16 Oct 2006 10:25:51 +0200 Received: from bay0-mc2-f7.bay0.hotmail.com ([65.54.244.47]) by bay0-omc2-s4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 16 Oct 2006 00:52:09 -0700 ---------------------- Cheers, Jeremy