On 23.12.22 21:24, Joey J wrote:
This is the best I can grab header wise, Names/IP's have changed here to
protect privacy.
Know the following:
The senders real server (1.2.3.4), (1.2.3.4 is the SPF match) sends the
mail to the gateway, and the gateway blocked it as shown.
Yes, legit going to payp
Hello All,
This is the best I can grab header wise, Names/IP's have changed here to
protect privacy.
Know the following:
The senders real server (1.2.3.4), (1.2.3.4 is the SPF match) sends the
mail to the gateway, and the gateway blocked it as shown.
Yes, legit going to paypal.
Based on your resp
On Wed, 21 Dec 2022, Joey J wrote:
But in better seeing the welcomelist_from_spf option, I think this will be
my first try.
If you are *really* worried about getting faked mail from that
correspondent, you can do something like:
whitelist_from_spf j...@company.com
blacklist_fro
On 21.12.22 15:48, Joey J wrote:
Thank you for pointing me in the better direction.
Since not many people are typing these types of email , I could do the one
off rule and it would be manageable.
But in better seeing the welcomelist_from_spf option, I think this will be
my first try.
welcomelis
Kris & Greg,
Thank you for pointing me in the better direction.
Since not many people are typing these types of email , I could do the one
off rule and it would be manageable.
But in better seeing the welcomelist_from_spf option, I think this will be
my first try.
I appreciate all of your points
Joey J wrote:
Thanks Everyone.
Within all of the responses, I will try to reply here.
1. The legit sender will talk about big numbers because of the real
things he is involved with so big numbers is still a valid method to
score, just not in this case.
2. The SPF record is set to fail on no mat
The other thing that should be done for j...@company.com is that
company.com should sign their mail with DKIM, and then you can
welcomelist_from_dkim *@company.com
I find that many companies I deal with that produce semi-spammy mail
(most big companies :-) have DKIM signatures and I can welcome
Thanks Everyone.
Within all of the responses, I will try to reply here.
1. The legit sender will talk about big numbers because of the real things
he is involved with so big numbers is still a valid method to score, just
not in this case.
2. The SPF record is set to fail on no match, however this d
On 2022-12-21 at 12:02:27 UTC-0500 (Wed, 21 Dec 2022 18:02:27 +0100)
Matus UHLAR - fantomas
is rumored to have said:
[...]>
> On 21.12.22 11:19, Henrik K wrote:
>> It will pass welcomelist_auth, since there is SPF_PASS, which you missed:
>>
>> SPF_PASS -0.001 SPF: sender matches SPF
On 20/12/2022 23:59, Joey J wrote:
Thanks to Bill and Matus for your responses.
Basically, the client is talking about real money transactions,
airplanes, paypal etc, but he is a legit sender with these often
flagged topics.
Sometimes the message goes through, but by the time you reply 2 or 3
> DKIM_INVALID 0.1 DKIM or DK signature exists, but is not valid
>
> DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not
> necessarily valid
>
> HTML_FONT_LOW_CONTRAST 0.001 HTML font color similar or identical to
> background
>
> HTML_MESSAGE0.001 HTML
On Wed, Dec 21, 2022 at 08:43:18AM +0100, Matus UHLAR - fantomas wrote:
> > DKIM_INVALID 0.1 DKIM or DK signature exists, but is not valid
> >
> > DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not
> > necessarily valid
> >
> > HTML_FONT_LOW_CONTRAST 0.001 HTML fo
On 20.12.22 18:59, Joey J wrote:
Basically, the client is talking about real money transactions, airplanes,
paypal etc, but he is a legit sender with these often flagged topics.
Sometimes the message goes through, but by the time you reply 2 or 3 times,
there are more of the buzz words that SA lo
Personally I'd look at why BIGNUM_EMAILS_MANY is hitting and see if there is
something the sender could do to avoid it. I'm pretty sure I've never seen that
rule hit in any of my spam, so it must be something a bit unique.
Loren
Thanks to Bill and Matus for your responses.
Basically, the client is talking about real money transactions, airplanes,
paypal etc, but he is a legit sender with these often flagged topics.
Sometimes the message goes through, but by the time you reply 2 or 3 times,
there are more of the buzz words
On 19.12.22 20:05, Joey J wrote:
I'm trying to see if there is a "best way" to provide negative scoring for
a certain persons email.
As an example if j...@company.com is communicating with paypal or other real
banking institutions, then at times within the email chain, SA will tag it
as spam.
d
On 2022-12-19 at 21:43:08 UTC-0500 (Mon, 19 Dec 2022 21:43:08 -0500)
Joey J
is rumored to have said:
Thanks,
So welcomelist_from_rcvd j...@company.com [1.2.3.4]
Is saying if it's received from j...@company.com and the IP
combination?
And then simply score it
welcomelist_from_rcvd score -2
I
Actually, what would be the format, in respect to header for that rule?
so
header welcomelist_from_rcvd j...@company.com [1.2.3.4]
On Mon, Dec 19, 2022 at 8:39 PM Greg Troxel wrote:
>
> Joey J writes:
>
> > I'm trying to see if there is a "best way" to provide negative scoring
> for
>
Thanks,
So welcomelist_from_rcvd j...@company.com [1.2.3.4]
Is saying if it's received from j...@company.com and the IP combination?
And then simply score it
welcomelist_from_rcvd score -2
I will try that thank you!
On Mon, Dec 19, 2022 at 8:39 PM Greg Troxel wrote:
>
> Joey J writes:
>
> > I'
Joey J writes:
> I'm trying to see if there is a "best way" to provide negative scoring for
> a certain persons email.
That's easy. There are many ways, but not best way.
> As an example if j...@company.com is communicating with paypal or other real
> banking institutions, then at times withi
Hello All,
I'm trying to see if there is a "best way" to provide negative scoring for
a certain persons email.
As an example if j...@company.com is communicating with paypal or other real
banking institutions, then at times within the email chain, SA will tag it
as spam.
I want to see if there is
21 matches
Mail list logo
