On 13.11.24 22:15, Mark London wrote:
FWIW, Today I discovered that RCVD_IN_VALIDITY_CERTIFIED,
RCVD_IN_VALIDITY_RPBL, and RCVD_IN_VALIDITY_SAFE, were being triggered
for every email that our server received. I do not use a public DNS
server. I disabled all of them. Strange. - Mark
Do you have trustpath configured properly?
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/TrustPath
- if you use backup MX server which is listed here, it may cause this
problem.
do you update your rules?
those three rules use different dnswls:
header RCVD_IN_VALIDITY_CERTIFIED eval:check_rbl('ssc-firsttrusted',
'sa-trusted.bondedsender.org.', '^127\.0\.0\.')
header RCVD_IN_VALIDITY_RPBL eval:check_rbl('rnbl-lastexternal',
'bl.score.senderscore.com.', '^127\.0\.0\.')
header RCVD_IN_VALIDITY_SAFE eval:check_rbl('ssc-firsttrusted',
'sa-accredit.habeas.com.', '^127\.0\.0\.')
- maybe you have old rules from time *_BLOCKED was not tested:
header RCVD_IN_VALIDITY_CERTIFIED_BLOCKED eval:check_rbl('ssc-firsttrusted',
'sa-trusted.bondedsender.org.', '127.255.255.255')
header RCVD_IN_VALIDITY_RPBL_BLOCKED eval:check_rbl('rnbl-lastexternal',
'bl.score.senderscore.com.', '127.255.255.255')
header RCVD_IN_VALIDITY_SAFE_BLOCKED eval:check_rbl('ssc-firsttrusted',
'sa-accredit.habeas.com.', '127.255.255.255')
Do you use your own DNS server?
Doesn't your ISP intercept DNS queries?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
- Holmes, what kind of school did you study to be a detective?
- Elementary, Watkins. -- Daffy Duck & Porky Pig
