-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dan Barker wrote: > Sorry to confuse the list with un-marked up Emails <g>. > > Here's the MARKUP from the BankOfA FP: > > Content analysis details: (10.3 points, 5.0 required) > > pts rule name description ---- ---------------------- > ------------------------------------------------ -- 1.4 > X_MAILER_SPAM X-Mailer: header is bulk email fingerprint > 1.0 NO_REAL_NAME From: does not include a real name -0.0 > SPF_PASS SPF: sender matches SPF record 0.0 > HTML_MESSAGE BODY: HTML included in message 3.5 BAYES_99 > BODY: Bayesian spam probability is 99 to 100% [score: 1.0000] 0.0 > MIME_HTML_ONLY BODY: Message only has text/html MIME parts > 1.4 DNS_FROM_RFC_WHOIS RBL: Envelope sender in > whois.rfc-ignorant.org 3.0 SARE_FORGED_BANKOFA > SARE_FORGED_BANKOFA You can't run with extra rulesets with a limit of 5. That will get you FP's guaranteed. Second, what is BAYES_99 doing there? That is not good either. The SARE rule should not have fired (though, you can't blaim it), but even without the SARE-rule, it would still be qualified as SPAM. Bayes seems to be a problem too, and could be a sign of more wider problems (poisoned Bayes database?)
> Where's the !all in that record.. I don't see it.. do you? I still find it odd that a bank does not have more stringent SPF-records. I expected to see -all in there. What does !all mean anyway? Kind Regards, Sander Holthaus -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (MingW32) iD8DBQFFq49KVf373DysOTURAqC+AKCFKNnfyA7Hx9hSjnD8gHsub88QfgCeKms4 /IJRNTiEol/8O9wJvYAdE0o= =bpO6 -----END PGP SIGNATURE-----
