On Tue, 23 Apr 2002, Doug Crompton wrote:

> The following message (headers below) was tagged as spam. It is not. What
> I don't understand is why does it say yahoo.com is a forged address and
> via a tagged relay?

As for the tagged relay, nslookup says:

Name:    44.114.135.172.relays.osirusoft.com
Address:  127.0.0.3

The value ending in .3 means it's a dialup IP from which spam has been
sent in the past.  You may want to disable the Osirusoft rule in your
local SA configuration if you're not worried about recognizing spam sent
from dialups.

SA says the yahoo.com address was forged because the From: header is
yahoo.com but there is no yahoo.com machine mentioned in any of the
Received: headers.

> I assume this person has an AOL account and sent mail from Yahoo.

They sent mail from their home PC using an AOL dialup to connect to the 
Internet and with their user agent's idea of the sender's address set to 
be a Yahoo! account.  That fits the definition of "forgery" of the From:
header, even if the Yahoo! address is a valid one.  It's not intentional
forgery, but it's not distinguishable by SA's rules.


_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
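
The two checks discussed in this message, as an added example that is not part of the original post or of SpamAssassin's own code: building the DNSBL query name from a relay IP (and recovering the IP from it), and a simplified test of whether the From: domain appears in any Received: header. The sample message and its hostnames are constructed, and the only return code mapped is the 127.0.0.3 value explained above.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

ZONE = "relays.osirusoft.com"  # zone shown in the nslookup output above
# Only the return value explained in the message; other codes are not covered.
RETURN_CODES = {"127.0.0.3": "dialup IP from which spam has been sent"}

def dnsbl_query_name(ip, zone=ZONE):
    """Build the DNSBL lookup name: IPv4 octets reversed, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def ip_from_query_name(name, zone=ZONE):
    """Recover the relay IP that a DNSBL query name refers to."""
    suffix = "." + zone
    if not name.endswith(suffix):
        raise ValueError("not a name in zone " + zone)
    octets = name[: -len(suffix)].split(".")
    return str(ipaddress.IPv4Address(".".join(reversed(octets))))

def from_domain_in_received(raw_message):
    """Simplified version of the check described above (an assumption, not
    SA's rule): is the From: domain named in any Received: header?
    Returns (domain, found)."""
    msg = message_from_string(raw_message)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    received = " ".join(msg.get_all("Received", [])).lower()
    # Match the domain as a whole name or as a parent of a hostname, but not
    # as a prefix of a longer lookalike name.
    pattern = r"(?<![\w-])" + re.escape(domain) + r"(?!\.?[\w-])"
    return domain, bool(domain) and re.search(pattern, received) is not None

# Constructed sample: dialup relay in Received:, Yahoo! address in From:.
SAMPLE = """\
Received: from dialup-host.example.net (dialup-host.example.net [172.135.114.44])
\tby mx.example.org with SMTP; Tue, 23 Apr 2002 10:00:00 -0400
From: Some User <someuser@yahoo.com>
To: list@example.org
Subject: constructed sample

body
"""

if __name__ == "__main__":
    print(dnsbl_query_name("172.135.114.44"))
    print(ip_from_query_name("44.114.135.172.relays.osirusoft.com"))
    print(from_domain_in_received(SAMPLE))
```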
