> From large providers i sometimes recieve messages through encrypted > smtp, the header looks smth like this (qmail): > > ... with (AES256-SHA encrypted) SMTP; ... > > > Would it be a good idea to give a minimal negative score on this -0.1 or > -0.2 if this happens on the last hop? - It proves that the sending smtp > server is very protocol sane, which spambots are usually not.
Maybe spambots are not protocol-sane, but (abused) legitimate mailservers are. Just because a message was delivered through TLS does not indicate whether it's legitimate or not. According to my experience, the ham/spam ratio over TLS is roughly 50/50 (which is still better than the ham/spam ratio for non-TLS traffic). -- Matthias
