On Thu, 6 Aug 2009, Tobias Eichner wrote:
not examine the delivery envelope. Thus BCC'ed emails, those delivered
by mailing lists, or those with fake TO: lines will not have the
negative score modifier applied.
What do you mean with "fake TO:" ?
Spammer enters a random address as the "To:" header.
Then I sent an e-mail from within our network (they have two servers,
my account is on the first, the above "get all spam" account on the
other):
X-Spam-Status: No, hits=-9.8 tagged_above=-999 required=5 tests=ALL_TRUSTED,
BAYES_00, USER_IN_WHITELIST
X-Spam-Level:
X-Spam-Status: No, hits=-108 tagged_above=-999 required=5 tests=BAYES_00,
USER_IN_ALL_SPAM_TO, USER_IN_WHITELIST
X-Spam-Level:
Looks like SA runs on both machines. The first one correctly identifies
your mail as being from a 'trusted' source. Your second one does not?
The second one properly handles 'all_spam_to'.
Could this be affiliated with the problem ?
No, your problem is that you need to test a header injected by your MTA
(Envelope From) to see if the intended recipient is *really* the accounts
that should have no tag.
- C
