yes, I can set a positive score for RCVD_IN_BSP_TRUSTED rules (I have!) Without it, lots of spam would get through with the default -4.3 score.

but if the spammer sends to our generic web contact address (found by harvesting our web pages), shouldn't the company who gets paid to 'bond' them unlist them?

I looked on www.returnpath.net, but didn't see any place to officially report violations (without subscribing)

I have also filed a bugzilla report with specific ip, and verified with dns that it is still a 'bonded sender'

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5977

host 94.32.2.72.sa-trusted.bondedsender.org
94.32.2.72.sa-trusted.bondedsender.org has address 127.0.0.10

their web site says they have a 'sender score of 60'
http://www.returnpath.net/senderscore/receiver/



--
Michael Scheidell, CTO
Main: 561-999-5000, Office: 561-939-7259
> *| *SECNAP Network Security Corporation

   * Certified SNORT Integrator
   * Everything Channel Hot Product of 2008
   * Shaping Information Security Award 2008
   * CRN Magazine Top 40 Emerging Security Vendors

_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.spammertrap.com
_________________________________________________________________________

Reply via email to