Hello,
today a mail has been banned (false positive). It says message contains
x.com
X-Quarantine-ID:
X-Amavis-Alert: BANNED, message contains x.com
I couldnt find x.com in the mail body itself, but the mail had a zipfile
as an attachment. The zip file probably contains invoices.
Are the
Am 2024-06-14 21:20, schrieb Matus UHLAR - fantomas:
grep -ri "FONT_INVIS_NORDNS" /var/lib/spamassassin/ | grep describe
/var/lib/spamassassin/4.00/updates_spamassassin_org/72_active.cf:
describe FONT_INVIS_NORDNS Invisible text + no rDNS
In my case, I can say with certainty that the mail
Am 2024-06-14 18:24, schrieb Matus UHLAR - fantomas:
1. as I said it's hard to find out without the body
2. hiding data indicates a spammer.
Yes, I've now realized that I can simply grep for the descriptions.
grep -ri "FONT_INVIS_NORDNS" /var/lib/spamassassin/ | grep describe
/var/lib/spamassa
Am 2024-06-14 17:11, schrieb Matus UHLAR - fantomas:
FONT_INVIS_NORDNS=1.544
HTML_FONT_TINY_NORDNS=1.514
RDNS_NONE=0.793
working fcrdns would fix much for them.
However, not doing stupid shit with fonts would help even more:
FONT_INVIS_MSGID=2.497
FONT_INVIS_NORDNS=1.544
HTML_FONT_TINY_NORDNS=1
Am 2024-06-14 16:44, schrieb Reindl Harald (privat):
with RDNS_NONE nobody on this planet should accept mails from that
machine and the admin has to be fired, the message should be jejected
at SMTP level long before spamassassin
And you would have been dismissed because of your pathological fa
Hello,
I would like to explain a sender what he can do to create an email that
is not classified as spam.
X-Spam-Status: Yes, score=6.248 tagged_above=1 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1,
DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, FONT_INVIS_
Am 2024-05-13 04:33, schrieb jdow:
Um, "FORGED_SPF_HELO"? Are you sure this message is from MS?
{^_^}
The mail/report is authentic. They already corrected this "error" or
changed the sending server. In today's report FORGED_SPF_HELO is 0.001
and the score is below 5 :)
On 20240512 06:56:5
