Anders Gustafsson skrev den 2024-06-16 13:42:
This one:
Return-path: <xxxxxxx>
X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20) on xxxxxx
X-Spam-Level:
X-Spam-Status: No, score=-95.6 required=5.0
tests=BAYES_00,HTML_MESSAGE,
MIME_HTML_ONLY,RCVD_IN_MSPIKE_BL,RCVD_IN_MSPIKE_L5,RDNS_NONE,
TO_EQ_FM_DIRECT_MX,TO_NO_BRKTS_NORDNS_HTML,T_SCC_BODY_TEXT_LINE,
URIBL_BLACK,URIBL_DBL_SPAM,USER_IN_WELCOMELIST,USER_IN_WHITELIST
autolearn=no autolearn_force=no version=3.4.5
Received: from hosted-by.csrdp.host ([195.10.205.97])
by xxxxx with ESMTP (TLS encrypted); Sun, 16 Jun 2024 11:52:11 +0300
Reply-To: Email Mailbox Notification xxxxxx #9698 <xxxx>
It was a phishing email and the provider has since shut it down. Now we
do not have that adress in our
whitelist. Should I interpret this that some of the entries we do have
in our whitelist uses this adress or
provider?
time to upgrade
https://multirbl.valli.org/lookup/195.10.205.97.html
remove localy whitelist
change score for whitelist to non default -100
phishing links goes to phishtank.com
train bayes on phishing emails