Jeremy Morton a écrit :
> [snip]
> Examples of a couple of the type of bouncebacks I get:
> http://www.game-point.net/misc/bb1.txt
This one is not a "conformant" bounce. but this doesn't matter. it is
detected as spam by SA:
Content analysis details: (10.5 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
2.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist
[URIs: fm.interia.pl]
0.0 MISSING_MID Missing Message-Id: header
1.0 COUNTRY_CN Relayed via China
3.2 CHARSET_FARAWAY_HEADER A foreign language charset used in headers
1.8 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars
2.5 MIME_CHARSET_FARAWAY MIME character set indicates foreign language
0.1 RDNS_NONE Delivered to trusted network by a host with
no rDNS
if you get your lang settings ok, then the CHARSET rules above would
give 5.7 points, which is enough.
> http://www.game-point.net/misc/bb2.txt
This one is a "conformant" bounce. the envelope sender is "null":
Return-path: <>
if you use BATV, then you could reject such mail since the envelope
recipient:
Envelope-to: ro...@game-point.net
is not tagged.
the message is detected as spam here:
Content analysis details: (5.3 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
2.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist
[URIs: fm.interia.pl]
0.0 MIME_BOUND_MANY_HEX Spam tool pattern in MIME boundary
0.5 COUNTRY_BR Relayed via Brazil
0.0 HTML_MESSAGE BODY: HTML included in message
2.6 INVALID_MSGID Message-Id is not valid, according to RFC 2822
0.1 BOUNCE_MESSAGE MTA bounce message
0.1 ANY_BOUNCE_MESSAGE Message is some kind of bounce message
although it's less "obvious" than the other message.
note that here, the vbounce rules are triggered.
maybe I should add
meta BOUNCE_URI_BLACK (URIBL_BLACK && ANY_BOUNCE_MESSAGE)
and score it a little high?
