Re: All RCVD_IN_VALIDITY rules being applied to every email.

[Mark London]

Matus - Oops!  I had installed a new email server last year, running 
Ubuntu, and I didn't realize by default, updating is off.

After updating, I see that we are getting blocked by RCVD_IN_VALIDITY.  
My bad.  Thanks very much! - Mark

On 11/14/2024 8:44 PM, uh...@fantomas.sk wrote:
From:
Matus UHLAR - fantomas <uh...@fantomas.sk>
Date:
11/14/2024, 3:17 AM

To:
users@spamassassin.apache.org


FWIW, Today I discovered that RCVD_IN_VALIDITY_CERTIFIED, 
RCVD_IN_VALIDITY_RPBL, and RCVD_IN_VALIDITY_SAFE, were being 
triggered for every email that our server received.  I do not use a 
public DNS server.  I disabled all of them.  Strange. - Mark

Do you have trustpath configured properly?
https://cwiki.apache.org/confluence/display/SPAMASSASSIN/TrustPath

- if you use backup MX server which is listed here, it may cause this 
  problem.

do you update your rules?

those three rules use different dnswls:

header RCVD_IN_VALIDITY_CERTIFIED eval:check_rbl('ssc-firsttrusted', 
'sa-trusted.bondedsender.org.', '^127\.0\.0\.')
header RCVD_IN_VALIDITY_RPBL eval:check_rbl('rnbl-lastexternal', 
'bl.score.senderscore.com.', '^127\.0\.0\.')
header RCVD_IN_VALIDITY_SAFE eval:check_rbl('ssc-firsttrusted', 
'sa-accredit.habeas.com.', '^127\.0\.0\.')

- maybe you have old rules from time *_BLOCKED was not tested:

header RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 
eval:check_rbl('ssc-firsttrusted', 'sa-trusted.bondedsender.org.', 
'127.255.255.255')
header RCVD_IN_VALIDITY_RPBL_BLOCKED 
eval:check_rbl('rnbl-lastexternal', 'bl.score.senderscore.com.', 
'127.255.255.255')
header RCVD_IN_VALIDITY_SAFE_BLOCKED 
eval:check_rbl('ssc-firsttrusted', 'sa-accredit.habeas.com.', 
'127.255.255.255')