Are you using the KAM.cf ruleset? Can you manually test the email and give the output from the report? Or put a spample up on pastebin?
On 9/20/2020 10:35 AM, Daryl Rose wrote: > > I tend to get a lot of phishing attempts, and they all get through. > > This appears to come from Apple, but obviously is not. > > Subject: Re: Purchase Notification - Here is confirmation of > your order > > > Mail > From: > acc.mubmx4btmqkymgfv1leobg.copsess2049113.222...@v2345t3w4t0inbox13.com > > <mailto:acc.mubmx4btmqkymgfv1leobg.copsess2049113.222...@v2345t3w4t0inbox13.com> > > > I can blacklist the email address, but I know that won't help. Is > there a rule that I can set up to catch more phishing attempts? > > Thanks > > Daryl -- Kevin A. McGrail kmcgr...@apache.org Member, Apache Software Foundation Chair Emeritus Apache SpamAssassin Project https://www.linkedin.com/in/kmcgrail - 703.798.0171
