jpff wrote:
I have a user of a mailing list who is sending from a Verizon system,
and is being marked as spam. Some is use of HTML etc but
* 2.0 BOTNET_CLIENT Relay has a client-like hostname
* =20
[botnet_client,ip=206.46.173.1,hostname=vms173001pub.verizon.net,
ipinhostname]
botnet belives the hostname is dynamic (probably because of the 173001
part). However, verizon.net SPF record includes 206.46.0.0/16. hmmm...
* 2.6 FM_FAKE_HELO_VERIZON Looks like a fake verizon.net helo.
yep. happens with Matt Kettler mail!
I have opened a bug:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5972
I suggest the following modification
header __FHOST_RDNS X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns=[^ ]*[a-z] /i
meta FM_FAKE_HELO_VERIZON (__FHELO_VERIZON && !__FHOST_VERIZON &&
__FHOST_RDNS)
meta FM_FAKE_HELO_HOTMAIL (__HOTMAILCOM && !__HOST_HOTMAIL && __FHOST_RDNS)
now, it would be nice to modify Received.pm to ignore invalid rdns. any
opinions?
are the two that do not seem to be under control. The mailing list
archive seems to be hiding teh headers at present.
What exactly do they mean? How can he prevent it?
