Matthias Schmidt a écrit : > Am/On Sat, 18 Oct 2008 05:20:03 -0700 schrieb/wrote cfgerty: > >> One sample of these mails: >> >> http://pastebin.com/m1e3d6b5d >> >> German Language Rulesets are applied. >> > > this message doesn't come from a mail-server with a resolving reverse pointer. > We don't accept such messages, so this message even wouldn't make it to > spamassassin here.
which mail server do you mean? My understanding is that Chritoph gets the mail via his ISP, and his ISP doesn't perfrom rDNS lookup. Christoph: can you confirm this? Other than that, the server that pushed it has a "dynamic" rdns: $ host 88.215.95.153 153.95.215.88.in-addr.arpa domain name pointer 88.215.95.153.dynamic.cablesurf.de. $ host 88.215.95.153.dynamic.cablesurf.de 88.215.95.153.dynamic.cablesurf.de has address 88.215.95.153 and if the ISP relay is trusted, then the mail is "direct to mx", which could deserve few points. Also, that IP is listed in bb.barracudacentral.org (2.0 here. I am considering increasing the score as I didn't see it FP). another note: The spam contains an obfuscated uri (geheime-webcam....) which is listed on surbl and uribl (since 2008-10-05).
