I have been experiencing a huge amount of spam getting through to some
big target addresses, mainly from .eu and .info addresses, and would
like to see if someone can find something wrong with my setup. I
recently upgraded to 3.4, but still the same issue. I am using Postfix
with Maia Mailguard (a forked version of amavisd-new). Here is one
example, could someone test this on their own config and see how the
scores compare?
Interestingly enough, I get some different rules triggered when I copy
the source to a file and run on the command line:
Content analysis details: (5.8 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
1.4 RCVD_IN_BRBL_LASTEXT RBL: No description available.
[209.190.37.182 listed in bb.barracudacentral.org]
3.0 BAYES_80 BODY: Bayes spam probability is 80 to 95%
[score: 0.8208]
1.4 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
Looking the original message up in the database, it scored only 2.589.
DCC_CHECK (1.1) hit, but not Pyzor, and BAYES_60 (1.5). Probably the
bayes increase is from learning. That's it on the original message, only
other two rules that hit were small negative scores of SPF_PASS and
T_RP_MATCHES_RCVD. Anyway, looks like it should get blocked if this same
message went through again, but I am getting a lot of this, just wanted
to see if someone else was triggering more rules? Thanks!
<BEGIN MESSAGE>
Received: from 002feec0.gracierichard.eu (cfot701g.gracierichard.eu
[209.190.37.182])
by mx5.webtent.net (WebTent ESMTP Postfix Internet Mail Exchange) with
ESMTP id 5AD77D78E1
for <colum...@rfitz.com>; Mon, 30 Jun 2014 06:38:24 -0400 (EDT)
Received: by 002feec0.cfot701g.gracierichard.eu
(amavisd-new, port 9883) with ESMTP id 00BALB2FEECIRHC0;
for <colum...@rfitz.com>; Mon, 30 Jun 2014 03:38:15 -0700
Date: Mon, 30 Jun 2014 03:38:15 -0700
Message-ID: <58831523135429588377315227253...@cfot701g.gracierichard.eu>
To: <colum...@rfitz.com>
From: "GracieRichard" <gracierich...@gracierichard.eu>
Subject: Neat Trick permanently_ Removes Herpes.
Content-Language: en-us
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="UTF-8"
Hey There,
Close to two in five people in the US currently have general herpes.
Unfortunately the likelihood of transferring this STD to a partner is
during an outbreak.
We have a scientifically backed holistic approach to cure and end herpes
effectively.
Stop being embarassed about this disease and learn more with our
information.
Watch our incredible video here:
http://www.gracierichard.eu/l/lc1A5883G152D/773F2725UJ3621YH40FK3135429MV3518899638
If you preffer to remove from us visit link below :
http://www.gracierichard.eu/l/lc4Y5883A152V/773S2725ST3621XG40XD3135429DR3518899638
Should you no longer wish to receive emails from us, visit this link
or mail comments to 340 S LEMON AVE # 9514 WALNUT, CA 91789 UNITED STATES
http://www.gracierichard.eu/l/lc4C5883F152V/773C2725VX3621SH40EC3135429AS3518899638
The ERK pWKAhway is a way for proVMIIins to comm546284unicaUUXK a signal
fr8628456om the surface of a cell to the nucleus which contains
th879268465e cell’s genetic maWVJWrial Furth568429846er research will
focus on understanding how this important pGKShway is regulaNRWJd during
limb regenerHQTion, and which other molecule648426s are involved in the
process
<END OF MESSAGE>
--
Robert
