On 2021-11-11 at 07:56:59 UTC-0500 (Thu, 11 Nov 2021 07:56:59 -0500) Greg Troxel <g...@lexort.com> is rumored to have said:
> Philipp Ewald <philipp.ew...@digionline.de> writes: > >> You can report it. Gmail is on DNSWL >> >> @gmail.com> >> RCVD_IN_DNSWL_MED=-2.3 >> >> https://www.dnswl.org/?page_id=17 >> >> As far as i know DNSWL is used by default > > I've ended up giving a point each to FREEMAIL_FROM and TO_GMAIL, which > sort of nulls that out. Also: the DNSWL rules in the default ruleset are mis-scored, based apparently on a Perceptron run early in the history of SA and DNSWL. I don't know exactly how to fix this at the distribution level because the RuleQA system can't cope well with possibly labile network reputation rules. The effect of this is that the DNSWL rule scores are not routinely rescored. The fact that they've had the same scores for ~10 years means that they are probably a fixed basis for static local rules in many places. We don't want to disrupt anyone's working system by changing the default scores. With that said, I don't think anyone should use the RCVD_IN_DNSWL* rule scores just because they are the default scores. Locally I use this: score RCVD_IN_DNSWL_LOW 0.8 score RCVD_IN_DNSWL_MED -0.2 score RCVD_IN_DNSWL_HI -2 Those are NOT based on any formal analysis, but simply on my eyeballing a bunch of local stats and heuristically picking values, because I'm a bozo... > It would be really nice if there were an easy way to exclude a domain > from whitelist checks. So, for the internal default "whitelist" this exists: unwhitelist_from (see 'perldoc Mail::SpamAssassin::Conf') It is easy enough to construct rules that counteract DNSWL or other external reputation sources, and the addition of ad hoc internal lists (WLBLEval plugin) in 3.4.x makes it possible to do so in a well-structured manner. Basically, you can create a list of domains that should NOT get any DNSWL bonus and use a meta rule to counteract that bonus. This isn't quite the same as excluding domains from a check entirely, but you can get the same effect. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
signature.asc
Description: OpenPGP digital signature
