On 1/30/2020 6:37 PM, John Hardin wrote: > The problem is that there are no Received headers internal to his > domain, and that makes it look like a MUA is directly contacting your > MTA to send an email - hence, "DIRECT_TO_MX". > > If you can, advise the sender to not remove all the Received headers > from their email before sending it to others. There should be at least > one: the Received header for his MTA accepting the message from his MUA. > > Absent that, you could whitelist his domain. > > That message is not being scored as spam, even if you weren't > increasing the threshold from the default: > >> X-Spam-Flag: NO >> X-Spam-Score: 4.351 >> X-Spam-Level: **** >> X-Spam-Status: No, score=4.351 tagged_above=-9 required=6.31 > > That a given rule hits on some ham does not make the rule a FP. This > rule is working as designed.
I just wanted to +1 John's analysis on this issue and he is dead-on. I also want to reiterate that a FP is only when a email is flagged as spam. Some rules are designed to fire in cases that do not indicate spam or ham status except when analyzed in totality with all the other scores. Regards, KAM -- Kevin A. McGrail kmcgr...@apache.org Member, Apache Software Foundation Chair Emeritus Apache SpamAssassin Project https://www.linkedin.com/in/kmcgrail - 703.798.0171
