Arvid Ephraim Picciani wrote:
Hi so again some undertsanding issue,
i just got a mail from some gmail user. It got 5.1 points:
1.6 TVD_RCVD_IP TVD_RCVD_IP
1.7 RCVD_IN_NJABL_PROXY RBL: NJABL: sender is an open proxy
[201.20.219.97 listed in combined.njabl.org]
0.0 RCVD_IN_SORBS_HTTP RBL: SORBS: sender is open HTTP proxy server
[201.20.219.97 listed in dnsbl.sorbs.net]
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 HTML_MESSAGE BODY: HTML included in message
1.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.1 RDNS_DYNAMIC Delivered to trusted network by host with
dynamic-looking rDNS
thats pretty weird, becouse OF COURSE thats a dynamic IP he sent the mail
from. I mean, you can't ssh into your server and mail from there. And i dont
get why sorbs is listing it, if it's dynamic. anyone could have that ip.
So what am i missing here? Why is SA complaining about the first received
field beeing dynamic while imho thats kindof what it should be like. Most
spam doesn't come from MUAs.
Does that mean i should tell my MTA to not expose my ip to other MTAs so they
dont think it's spam from a dynip?
You probably have a broken trust path, and spamassassin is assuming
gmail's server is part of your local network.
See
http://wiki.apache.org/spamassassin/TrustPath