On 25/02/11 08:59, Stefan Jakobs wrote:
Hi list,
I received a message from a friend, fetched the message by using POP3 and
passed it to spamassassin. It marked the message as spam.
I know this is not the intended use of spamassassin, but is there any chance
that I can circumvent this kind of false positives?
Here are the headers:
Received: from web.de by mxint02.web.de with esmtp (WEB.DE 4.110 #2)
id 1PshFE-0003cY-00
for aaa...@web.de; Thu, 24 Feb 2011 20:53:00 +0100
Received: from mwmweb019 ( [172.20.18.28])
by fmmailgate06.web.de (Postfix) with ESMTP id 24649899FC4
for<aaa...@web.de>; Thu, 24 Feb 2011 20:53:00 +0100 (CET)
Received: from [78.55.199.104] by mwmweb019 with HTTP; Thu
Feb 24 20:53:00 CET 2011
Message-ID:<429666097.231800.1298577180140.JavaMail.fmail@mwmweb019>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_Part_230494_250017406.1298577089175"
Date: Thu, 24 Feb 2011 20:53:00 +0100 (CET)
From: "afried"<bbb...@web.de>
To: aaa...@web.de
Subject: Zeugnisse
And here's the result from spamassassin:
Inhaltsanalyse im Detail: (6.4 Punkte, 5.0 benötigt)
Pkte Regelname Beschreibung
---- ---------------------- --------------------------------------------------
3.3 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
[78.55.199.104 listed in zen.spamhaus.org]
That looks to be your main problem right there - don't deep parse
Received headers against Spamhaus PBL, only check lastexternal
addresses, as this will cause a large number of false positives.
