Hi, Commonly RCVD_IN_ rules are checking the last untrusted relay, but RCVD_IN_SORBS_WEB is apparently doing all Received hops.
Received: from host (host [2.2.2.2]) #The last untrusted relay Received: from [192.168.1.100] ([1.1.1.1]) #Authenticated MUA I would expect it to check only 2.2.2.2 (the last untrusted hop), but in this case 1.1.1.1 was listed in SORBS_WEB and was scored 1.50. -- View this message in context: http://spamassassin.1065346.n5.nabble.com/RCVD-IN-SORBS-SPAM-and-google-IPs-tp122542p134044.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
