Alex wrote:
Hi,
I recently had an account activation email blocked due
to AC_FROM_MANY_DOTS in the From address:
From: VitalSource <do.not.re...@vitalsource.com
<mailto:do.not.re...@vitalsource.com>>
It also hit KAM_SENDGRID and BAYES_50 and KAM_MARKETINGBL_PCCC, pushing
it over to spam.
* 1.5 KAM_SENDGRID Sendgrid being exploited by scammers
* 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
* 0.2 KAM_MARKETINGBL_PCCC Message contains URI associated with
in addition to a few smaller rules, like KAM_DMARC_NONE.
Does it sound reasonable to add 3 points plus another 1.5 simply for
having been sent by sendgrid? How do we offset those points? Do we just
rely on bayes/txrep?
I think my bayes db is pretty well-trained, but there's also a lot of
account activation fraud emails.
Third party rule sets always need evaluation for your local mail flow.
And you can always override scores in a third party channel with a local
channel loaded after any others, or in a .cf in your local configuration
directory.
I looked at the KAM rules and decided that using them as-is was a
nonstarter. However, using selected rule groups, at a reduced score,
for spam I've had a hard time writing my own rules, has worked quite
well. (Up until the spammers started just dropping their fake invoice
content into an attached image - or PDF.)
-kgd
