Chris Lear wrote:
I got an EasyJet confirmation E-mail that scored like this:
BAYES_00=-2.599
DNS_FROM_RFC_ABUSE=0.2
FORGED_RCVD_HELO=0.135
HTML_FONT_FACE_BAD=0.156
HTML_MESSAGE=0.001
HTML_TINY_FONT=2.324
MARKETING_PARTNERS=1.765
MIME_HTML_MOSTLY=1.102
SARE_OBFU_AMP2B=2.555
SARE_SPEC_LEO_LINE03a=0.408
Which adds to 6.0, and only the Bayes score stopped it being rejected
(I'm rejecting at 6.5). [SA 3.1.3 with recent sa-update+SARE rules]
What's the recommended practice here? Whitelist? Lower the SARE scores?
Remove some less-safe SARE rules? Lower the HTML_TINY_FONT score [which
looks right, but if it's right for me, why not everyone else]?
HTML_TINY_FONT refers to HTML fontsizes of 0 or 1. (My own similar
local rule for this also triggers on size 2.) I honestly can't figure
out why that should be considered legitimate usage for any legitimate
content- unfortunately, as you're seeing, it does. >:(
I'd like
all ham to score under 2, ideally. And almost all of it does. But I'd
prefer not to whitelist if possible. I like to feel I can trust SA
without introducing special cases.
I'd send them a politely worded nastygram that sums up as "Your legit
mail looks like spam - fix it so your customers don't complain". Most
legitimate companies will appreciate knowing when their mail is getting
tagged by a spam filter. (Several people have posted on this list with
sucess stories about just that, IIRC.)
A few will be obstinate enough to just reply "Add us to you whitelist,
dumbass", but most won't.
-kgd
