On 11/29/2012 05:43 PM, John Hardin wrote:
> On Thu, 29 Nov 2012, Kris Deugau wrote:
>
>> I've just had another couple of reports of false positives due to hits
>> on one or more of the FROM_MISSP_* rules.
>>
>> Curious coincidence: Almost all of the reports to date have involved
>> webform email for real estate companies. Most of the rest have involved
>> scan-to-email multifunction devices - mostly Xerox.... used by real
>> estate companies. O_o
>
> Is there any possibility of getting user agent headers for these FPs? If a
> particular piece of legit software always does this then obviously those
> rules should ignore such messages.
>

I had one guy actually read the rejection message and contact postmaster@ about this. His sig shows:

Sent from my MOTOROLA ATRIX™ 2 on AT&T

And the headers:

X-Spam-Flag: NO
X-Spam-Score: 4.224
X-Spam-Level: ****
X-Spam-Status: No, score=4.224 required=5 tests=[FREEMAIL_FROM=0.001, FROM_MISSP_EH_MATCH=2.499, FROM_MISSP_FREEMAIL=1.723, HTML_MESSAGE=0.001] autolearn=disabled
From: "u...@example.com"<u...@example.com>
X-Mailer: Motorola android mail 1.0

It was relayed through AOL, who you think would clean that up. This particular model also base64 encodes the entire message...
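
A triage sketch for false-positive reports like the one above, added here as an example and not code from this thread or from SpamAssassin: it splits the `X-Spam-Status` score into the FROM_MISSP_* part and the rest, and tallies hits per user agent. The function names and the "misspaced" pattern (a quoted display name directly followed by `<`) are assumptions.

```python
import re
from collections import Counter
from email import message_from_string

# Constructed sample: the header values quoted above, assembled into one
# minimal message (folding and body are placeholders).
SAMPLE = (
    'X-Spam-Status: No, score=4.224 required=5 tests=[FREEMAIL_FROM=0.001,\n'
    '\tFROM_MISSP_EH_MATCH=2.499, FROM_MISSP_FREEMAIL=1.723,\n'
    '\tHTML_MESSAGE=0.001] autolearn=disabled\n'
    'From: "u...@example.com"<u...@example.com>\n'
    'X-Mailer: Motorola android mail 1.0\n'
    '\n'
    'placeholder body\n'
)

# Assumption: "misspaced" = quoted display name directly followed by "<".
MISSPACED = re.compile(r'^\s*"[^"]*"<')
TESTS = re.compile(r'tests=\[([^\]]*)\]')


def rule_scores(status):
    """Parse the tests=[NAME=score,...] list of an X-Spam-Status value."""
    m = TESTS.search(status)
    scores = {}
    for item in (m.group(1).split(',') if m else []):
        name, sep, val = item.strip().partition('=')
        if sep:
            scores[name] = float(val)
    return scores


def triage(raw):
    """Summarise how much of a message's score the FROM_MISSP_* rules add."""
    msg = message_from_string(raw)
    status = ' '.join(msg.get('X-Spam-Status', '').split())  # unfold header
    scores = rule_scores(status)
    missp = {k: v for k, v in scores.items() if k.startswith('FROM_MISSP_')}
    return {
        'agent': msg.get('X-Mailer') or msg.get('User-Agent') or 'unknown',
        'misspaced_from': bool(MISSPACED.match(msg.get('From', ''))),
        'missp_rules': sorted(missp),
        'missp_score': round(sum(missp.values()), 3),
        'other_score': round(sum(scores.values()) - sum(missp.values()), 3),
    }


def agents_with_missp(raw_messages):
    """Count FROM_MISSP_* hits per user agent across reported FPs."""
    hits = (triage(r) for r in raw_messages)
    return Counter(h['agent'] for h in hits if h['missp_rules'])
```

For the sample, the two FROM_MISSP_* rules account for 4.222 of the 4.224 total, so the misspaced From header is effectively the whole score.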