I recently got a spam that appears to be certified by returnpath (again, but that's not the point of this mail). The results, from running spamassassin -t, are appended. The DNSWL_NONE hit has the IP address that hit, but the RP_ rules do not. I think it should be policy that any dnsbl hit, positive or negative, but especially negative, should specify the matching data (IP, domain name, etc.).
Content analysis details: (-3.5 points, 1.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [167.216.129.184 listed in list.dnswl.org] -3.0 RCVD_IN_RP_CERTIFIED RBL: Sender is in Return Path Certified (trusted relay) [Return Path SenderScore Certified {formerly] [Bonded Sender} - <http://www.senderscorecertified.com>] -2.0 RCVD_IN_RP_SAFE RBL: Sender is in Return Path Safe (trusted relay) [Return Path SenderScore Safe List (formerly] [Habeas Safelist) - <http://www.senderscorecertified.com>] 0.0 HTML_MESSAGE BODY: HTML included in message 1.1 BAYES_50 BODY: Bayes spam probability is 40 to 60% [score: 0.5000] 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.0 RCVD_NOT_IN_IPREPDNS Sender not listed at http://www.chaosreigns.com/iprep/ 0.2 DKIM_FORGED DKIM_FORGED 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid 0.1 KHOP_RCVD_UNTRUST DNS-whitelisted sender is not verified
pgp2fKeawZPta.pgp
Description: PGP signature
