"Doug Crompton" <[EMAIL PROTECTED]> asked: > What can I tell this person to do differently to avoid this? > When you say it is a known address from where spam was sent > (dialup) do you mean the dialup account of the original AOL user?
Here is what relays.osirusoft.com has to say when I look up that ip address: "Special note to AOL users. Direct-to-mx spam from any AOL user results in the listing of the netblock. Your admins may allow direct-to-mx traffic, but I don't want it. This zone is for dialup pools that have been an injection point for spam. Please use your ISP's server instead." What that means is that the people who maintain that particular spamblocking list are willing to list all AOL dialup ip addresses because there are people who use AOL dialup accounts to run spamming mailer software. > I don't like turning things off. I would rather fix the problem. Some people think that some of the lists used by relays.osirusoft.com are too agressive in their criteria, resulting in too many false positives. Also, the genetic algorithm (GA) does not use the network based rules such as this one when it computes the optimal scores. That means that the scoring for the network based rules are more arbitrary. If one doesn't work for you, you might as well change it. In this case, the rule RCVD_IN_OSIRUSOFT_COM has a score of 2.0 points, which will be added to just about any mail sent by an AOL dialup user. Some people would agree with having any AOL user start out with a 2 point disadvantage. But if you just disable that rule, known spam relays will still get caught by X_OSIRU_SPAM_SRC (3.0 points) or X_OSIRU_SPAMWARE_SITE (5.0 points) which match osirusoft.com results other than the dialups. Personally I simply disable all network checks by using the -L option to spamassassin and spamd. I don't see enough benefit from the network checks, they cause a scan of one email to take seconds instead of a fraction of a second, and there are too many false positives. In this case I consider turning it off to be a solution to the problem. -- sidney _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
