Steve Dondley writes:
> Note: I've changed the score of RCVD_IN_DNSWL_HI hits to -2.0 from
> -5.0 until I get my misconfiguration figured out. Thanks for your
> patience.
Fair enough; that's not an unreasonable thing to do.
Probably you want to turn report_safe to 0 for doing this testing.
>
On 2021-04-10 03:20 PM, Bill Cole wrote:
On 10 Apr 2021, at 14:53, Steve Dondley wrote:
I'm very, very sorry to beat a dead horse, but I'm deeply confused by
the "RCVD_IN_DNSWL_HI" rule which appears to be reporting incorrectly
on my system.
STOP USING ANY PUBLIC DNS RESOLVERS WITH ANY MAIL
On 10 Apr 2021, at 14:53, Steve Dondley wrote:
I'm very, very sorry to beat a dead horse, but I'm deeply confused by
the "RCVD_IN_DNSWL_HI" rule which appears to be reporting incorrectly
on my system.
STOP USING ANY PUBLIC DNS RESOLVERS WITH ANY MAIL SERVERS!
Some of these will return bogus
I'm very, very sorry to beat a dead horse, but I'm deeply confused by
the "RCVD_IN_DNSWL_HI" rule which appears to be reporting incorrectly on
my system.
I ran this command:
sudo -u s -- spamassassin -t -d < some_email
It gives me this report:
pts rule name description
---
On 10 Apr 2021, at 12:55, Steve Dondley wrote:
You should fix URIBL_BLOCKED first.
You need a local, caching, non-forwarding DNS server for
SpamAssassin.
Yeah, setting up a DNS server for SA is on my todo list. Thanks.
When you say local, it doesn't have to be on the same machine as
spamass
On 2021-04-10 17:51, Steve Dondley wrote:
I have been looking at this issue a little more. I just grepped my
spam folder. Out of 1000 emails I have flagged as spam, 321 have been
flagged with RCVD_DNSWL_HI, a rule which adds -5 points to the eamil.
That's almost 1 out of 3 emails which seems pret
On 2021-04-10 17:36, Steve Dondley wrote:
Is anyone else seeing spam getting flagged with RCVD_DNSWL_HI
resulting in so many false positives?
report this ip to dnswl with content as provding evedence, you know
admins from dnswl.org here recently asked for this ?
You should fix URIBL_BLOCKED first.
You need a local, caching, non-forwarding DNS server for SpamAssassin.
Yeah, setting up a DNS server for SA is on my todo list. Thanks.
When you say local, it doesn't have to be on the same machine as
spamassassin, does it? I assume I can have the DNS ser
It would be helpful to post an entire actual set of headers --
unmodified -- along with the spamassassin -t report. I can't figure
out (from what you posted) the IP address of the server that was in
DNSWL_HI that delivered mail to your internal/trusted network.
OK, here is the entire output
On 10 Apr 2021, at 12:19, Steve Dondley wrote:
On 2021-04-10 12:10 PM, Greg Troxel wrote:
Steve Dondley writes:
Here are the headers from some egregious spam. It scored a whopping
20.8 point despite being flagged with "RCVD_IN_DNSWL_HI."
Return-Path:
Delivered-To: s...@example.com
Received
Steve Dondley writes:
> On 2021-04-10 12:10 PM, Greg Troxel wrote:
>> Steve Dondley writes:
>>
>>> Here are the headers from some egregious spam. It scored a whopping
>>> 20.8 point despite being flagged with "RCVD_IN_DNSWL_HI."
>>>
>>> Return-Path:
>>> Delivered-To: s...@example.com
>>> Recei
On 10 Apr 2021, at 10:17, RW wrote:
On Sat, 10 Apr 2021 13:23:01 +0200
Matus UHLAR - fantomas wrote:
On 10.04.21 08:58, mau...@gmx.ch wrote:
my spamassassin book are coming from 2004, and possible this arnt
relay up2date.
should be 90% fine.
I didn't know there was a book but I looked it
You do obviously have a very misconfigured system on your end.
Den 10-04-2021 kl. 17:51 skrev Steve Dondley:
>
> X-Spam-Status: Yes, score=20.8 required=5.0 tests=BASE64_LENGTH_79_INF,
> [...]
> ***RCVD_IN_DNSWL_HI***,RCVD_IN_PSBL,RCVD_IN_RP_RNBL,RCVD_IN_SBL_CSS,
> RCVD_IN_VALIDITY_RPB
Steve Dondley writes:
Here are the headers from some egregious spam. It scored a whopping
20.8 point despite being flagged with "RCVD_IN_DNSWL_HI."
Return-Path:
Delivered-To: s...@example.com
Received: from email.example.com
by email.example.com with LMTP
id AnV2NSCZbmCTcQAAB60
Steve Dondley writes:
> From: Steve Dondley
> Date: Sat, 10 Apr 2021 11:51:16 -0400
>
>
> > I have been looking at this issue a little more. I just grepped my
> > spam folder. Out of 1000 emails I have flagged as spam, 321 have been
> > flagged with RCVD_DNSWL_HI, a rule which adds -5 poi
On 2021-04-10 12:10 PM, Greg Troxel wrote:
Steve Dondley writes:
Here are the headers from some egregious spam. It scored a whopping
20.8 point despite being flagged with "RCVD_IN_DNSWL_HI."
Return-Path:
Delivered-To: s...@example.com
Received: from email.example.com
by email.example
Steve Dondley writes:
> Here are the headers from some egregious spam. It scored a whopping
> 20.8 point despite being flagged with "RCVD_IN_DNSWL_HI."
>
> Return-Path:
> Delivered-To: s...@example.com
> Received: from email.example.com
> by email.example.com with LMTP
> id AnV2NSCZ
I have been looking at this issue a little more. I just grepped my
spam folder. Out of 1000 emails I have flagged as spam, 321 have been
flagged with RCVD_DNSWL_HI, a rule which adds -5 points to the eamil.
That's almost 1 out of 3 emails which seems pretty insane.
Here are the headers from s
On 2021-04-06 11:48 AM, Steve Dondley wrote:
I have emails that have been flagged as spam in the past but that are
still getting through, presumably because the servers are on some
DNSWL.
Example:
X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_99,BAYES_999,
DATE_IN_PAST_03_06,DKIM_SI
On Sat, 10 Apr 2021 13:23:01 +0200
Matus UHLAR - fantomas wrote:
> On 10.04.21 08:58, mau...@gmx.ch wrote:
> >my spamassassin book are coming from 2004, and possible this arnt
> >relay up2date.
>
> should be 90% fine.
I didn't know there was a book but I looked it up
"Configure SpamAssassin
On 2021-04-10 15:59, RW wrote:
On Sat, 10 Apr 2021 15:44:54 +0200
Benny Pedersen wrote:
dont use public dns servers ever, free or not
It's not about using public caches. They are going to block look-ups
from generic rDNS as well. I think they are already blocking some VPS
address blocks.
On Sat, 10 Apr 2021 15:44:54 +0200
Benny Pedersen wrote:
> dont use public dns servers ever, free or not
>
It's not about using public caches. They are going to block look-ups
from generic rDNS as well. I think they are already blocking some VPS
address blocks.
On 2021-04-10 15:28, RW wrote:
On Sat, 10 Apr 2021 08:56:19 -0400
Rob McEwen wrote:
On 4/10/2021 6:55 AM, Jared Hall wrote:
> Rob, I gotta say that I am impressed with the whole Spamhaus-dqs
> program and their use of customer keyed DNS zone queries. Seems to
> be the way around the client DNS
On Sat, 10 Apr 2021 08:56:19 -0400
Rob McEwen wrote:
> On 4/10/2021 6:55 AM, Jared Hall wrote:
> > Rob, I gotta say that I am impressed with the whole Spamhaus-dqs
> > program and their use of customer keyed DNS zone queries. Seems to
> > be the way around the client DNS forwarder issues. How a
On 4/10/2021 6:55 AM, Jared Hall wrote:
Rob, I gotta say that I am impressed with the whole Spamhaus-dqs
program and their use of customer keyed DNS zone queries. Seems to be
the way around the client DNS forwarder issues. How are you guys at
Invaluement tracking in that area?
I'm not sure
On 10.04.21 08:58, mau...@gmx.ch wrote:
my spamassassin book are coming from 2004, and possible this arnt relay
up2date.
should be 90% fine.
I need to refresh the update and build the own rules.
apparently new install, preferrably from your OS/distribution.
read /etc/spamassassin/*.pre fil
(you might be disappointed with SORBS in those areas too? - that's fine
- I'm just trying to clarify that overly judging a DNSBL based on
/*particular*/ false negatives can be overly harsh and might miss the
good things that a DNSBL has to offer)
Probably not that. It is just SORBS. Like whe
27 matches
Mail list logo
