OK - this might be a basic question, but recently the detection rate on
my SA install has been really unreliable, so I decided that the first
step is to be sure it is using the public dns blocklists and razor. My
setup:
1. Spamassassin 3.4.1
2. I have Bind configured as recursive, non-forwarding, caching DNS server.
3. spamassassin --lint doesn't return any errors or failures.
5. My init.pre contains "loadplugin Mail::SpamAssassin::Plugin::URIDNSBL"
Here is the report included in one of the emails which is spam, but
wasn't detected as such:
Content analysis details: (1.4 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low
trust
[212.227.15.41 listed in list.dnswl.org]
1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not
necessarily valid
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's
domain
1.3 RDNS_NONE Delivered to internal network by a host with no
rDNS
0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines
Does the above mean that the DNSBL tests were applied, but returned zero values
- or would it mean they were skipped. I'm not sure how to find out which one is
it? I'm happy to attach some sample emails which weren't detected, or any other
useful info. Thank you.