Re: Request to change rule RCVD_IN_RP_CERTIFIED

Fri, 30 Mar 2012 03:27:20 -0700 

On 3/29/12 6:06 PM, Kevin A. McGrail wrote:




As a side note, linkedin likely had someone from FreeBSD list use the 
email address to invite people.  I doubt linkedin actually did it.  
They are an easily abused system but I've never seen them actually 
support spam.



as in 'technically', yes linkedin did (see sender and from headers.) is 
in who pushed the button, who loaded the names, no, they didn't.  But, 
unless they want to identify the user in the From (not the mfrom/sender 
which would break spf), they 'sent it', facilitated it being sent, 
allowed it to be sent.



or, they allow the sender to forge From headers. (if they didn't send 
it, they forged the From headers)



But I am not asking SA to fix linked in, or stop them from spamming (it 
was unsolicited, it was commercial. (they want to build up their links, 
actual member wants to spam me using linked in).


I want to address the 'easily abused system'.

If linked in has an easily abused system, and RP gets paid to list them, 
and the default SA score for  RCVD_IN_RP_CERTIFIED is -3.0 points than I 
request that until RP stops certifying  'easily abused system(s)' that 
the score be lowered.



further, I would like SA to consider, in general, the - scores for all 
the 'spam for hire' rules.



If this email would not score high on its own, it would not need -3.0 
score.  If it gets its score dropped by -3.0 points, not only is 
questionable valuable email passed through, but Bayesian keys are added 
as if they are 'clean' email.



So, email like this sent from other sources will eventually come in as 
'clean', due to Bayesian credits.



I would like to consider tflags for all 'spam for hire' scores be 
changed to net nice noautolearn


this way, at least you aren't adding insult to injury.



--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
>*| *SECNAP Network Security Corporation

   * Best Mobile Solutions Product of 2011
   * Best Intrusion Prevention Product
   * Hot Company Finalist 2011
   * Best Email Security Product
   * Certified SNORT Integrator

______________________________________________________________________

This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.spammertrap.com/
______________________________________________________________________  
 





















					Reply via email to