I received a piece of spam, that had a very large minus score (-79.6)
When I checked to see why, I saw that the user faked the From and
Return-Path to be from a domain that I whitelist. I thought
SpamAssassin was smart enough to not be fooled by that? Without that
100pt adjustment, the spam score would have been 20.4!
-----Start Exerpt from the header-----
Return-Path: <[EMAIL PROTECTED]>
Received: from hotjobs.com (CM-mapu3-232-12.cm.vtr.net
[200.83.232.12])
by ns.shelfspace.com (8.12.8/8.12.8) with SMTP id h8NNsrk7008341
for <[EMAIL PROTECTED]>; Tue, 23 Sep 2003 16:54:56 -0700
Message-ID: <[EMAIL PROTECTED]>
From: "Daryl A. Lovell" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Get your LOVER's Email PASSWORD with Spy Software.
k sizcyd2p
[lines skipped]
X-Spam-Status: No, hits=-79.6 required=5.0 tests=BAYES_99,
DATE_IN_FUTURE_12_24,FORGED_OUTLOOK_HTML,FORGED_OUTLOOK_TAGS,
HTML_50_60,HTML_FONTCOLOR_RED,HTML_FONT_BIG,HTML_MESSAGE,
MIME_HTML_NO_CHARSET,MIME_HTML_ONLY,RCVD_IN_BL_SPAMCOP_NET,
RCVD_IN_DYNABLOCK,SUBJ_HAS_SPACES,UPPERCASE_25_50,USER_IN_WHITELIST
autolearn=no version=2.60
-----Stop Exerpt from the header-----
-----Start Exerpt from ~/.spamassassin/user-prefs -----
whitelist_from [EMAIL PROTECTED]
-----Stop Exerpt from ~/.spamassassin/user-prefs -----
Is this a bug in the newest version of SA 2.6.0?
Is this a problem w/ me doing whitelists wrong?
Is there some way to prevent this in future?
thanks,
mark
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
