I just had to weigh in here to say that we have DCC_CHECK scored up to a 4, and all of these kinds of spam messages get caught by that because they always hit at least another 1 point worth of rules.
Also, those two rules require plugins, I believe. > -----Original Message----- > From: Juerg Reimann [mailto:j...@jworld.ch] > Sent: Wednesday, June 26, 2013 6:42 PM > To: users@spamassassin.apache.org > Cc: 'Benny Pedersen' > Subject: RE: PayPal spam filter? > > Hi Benny > > Thanks for your tip. Could you elaborate on this a bit? First of all, a rule > with > the name SPF_DID_NOT_PASS or DKIM_DID_NOT_PASS seem not to exist. > How and where would I configure this? > > Thanks, > Juerg > > > -----Original Message----- > > From: Benny Pedersen [mailto:m...@junc.eu] > > Sent: Wednesday, June 12, 2013 9:38 PM > > To: users@spamassassin.apache.org > > Subject: Re: PayPal spam filter? > > > > Juerg Reimann skrev den 2013-06-12 21:30: > > > > > Is there a filter to block PayPal phishing mails, i.e. everything > > > that claims to come from PayPal but is not? > > > > meta SPF_DID_NOT_PASS (!SPF_PASS) > > > > simple ? :=) > > > > if paypal do use dkim then it could be checked with > > > > meta DKIM_DID_NOT_PASS (!DKIM_VALID_AU) > > > > phishing emails seldom pass on this 2 tests > > > > -- > > senders that put my email into body content will deliver it to my own > > trashcan, so if you like to get reply, dont do it
