Anders Gustafsson skrev den 2024-06-16 13:42:
This one:

Return-path: <xxxxxxx>
X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20) on xxxxxx
X-Spam-Level:
X-Spam-Status: No, score=-95.6 required=5.0 tests=BAYES_00,HTML_MESSAGE,
        MIME_HTML_ONLY,RCVD_IN_MSPIKE_BL,RCVD_IN_MSPIKE_L5,RDNS_NONE,
        TO_EQ_FM_DIRECT_MX,TO_NO_BRKTS_NORDNS_HTML,T_SCC_BODY_TEXT_LINE,
        URIBL_BLACK,URIBL_DBL_SPAM,USER_IN_WELCOMELIST,USER_IN_WHITELIST
        autolearn=no autolearn_force=no version=3.4.5
Received: from hosted-by.csrdp.host ([195.10.205.97])
        by xxxxx with ESMTP (TLS encrypted); Sun, 16 Jun 2024 11:52:11 +0300
Reply-To: Email Mailbox Notification xxxxxx  #9698 <xxxx>

It was a phishing email and the provider has since shut it down. Now we do not have that adress in our whitelist. Should I interpret this that some of the entries we do have in our whitelist uses this adress or
provider?

time to upgrade

https://multirbl.valli.org/lookup/195.10.205.97.html

remove localy whitelist

change score for whitelist to non default -100

phishing links goes to phishtank.com

train bayes on phishing emails





Reply via email to