On 09/11/2024 08:48, MX wrote:
I would just score anything DNSWL at 0. I mean no disrespect to the
maintainer of DNSWL but I just don't find it useful these days. Spam is
too complex now.
local.cf:
score ALL_TRUSTED 0
score DKIMDOMAIN_IN_DWL 0
score DKIMWL_WL_MED 0
score DKIMWL_WL_HIGH 0
sco
On 08.11.24 17:41, Alex wrote:
Time to remove docusign from RCVD_IN_DNSWL_MED and others that subtract
points? This is not cool at all.
correct, have you reported it?
Even without having these rules, there isn't much in the body to catch a
docusign phish that uses docusign directly.
https:
One of my clients was sent this yesterday:
Return-Path:
Received: from mail.tbi.net
by mail.tbi.net with LMTP
id IDNsDitYLmfjLA0AVPRGcQ
(envelope-from )
for ; Fri, 08 Nov 2024 13:27:55 -0500
Received: from localhost (localhost [127.0.0.1])
by amavis.tbi.net (tbi.net) with ESM
