On Tue, 2011-07-26 at 01:49 -0700, Daniel Lemke wrote:
> Ummh, thanks for the hint, copied the wrong sample :) (removed some header
> information by myself to test something…)
> This is the right one: http://pastebin.com/Cmu15YY2
>
Exactly the same remarks (and identical score!) apply to this one too.
I'm running SA 3.3.2 with the default ruleset apart from some local
rules and a couple of plugins that didn't fire in this case.
BTW, I miscalculated the score - the barebones SA 3.3.2 would have
scored 8.3:
0.7 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[77.230.60.158 listed in zen.spamhaus.org]
1.6 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT
[77.230.60.158 listed in
bb.barracudacentral.org]
1.8 URIBL_BLACK Contains an URL listed in the URIBL
blacklist
[URIs: ff.ly]
1.7 URIBL_WS_SURBL Contains an URL listed in the WS SURBL
blocklist
[URIs: ff.ly]
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
1.0 HK_PNIS BODY: HK_PNIS
1.5 MPART_ALT_DIFF_COUNT BODY: HTML and text parts are different
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 T_URIBL_BLACK_OVERLAP T_URIBL_BLACK_OVERLAP
Martin
