not check the envelope anyway
Thanks,
Raymond Dijkxhoorn
Op 28 jun. 2016 om 03:27 heeft jdebert <jdeb...@garlic.com> het volgende
geschreven:
On Mon, 27 Jun 2016 18:41:04 +0530
Ram <r...@netcore.co.in> wrote:
I am seeing messages that appear to come from the MD or the CEO of
On Monday 27 June 2016 06:50 PM, Reindl Harald wrote:
Am 27.06.2016 um 15:11 schrieb Ram:
I am seeing messages that appear to come from the MD or the CEO of the
company to the accounts department asking people to transfer money to
some fake account
happens all day long
I know
them will be out of scope
for a spam filter.
These messages have different envelope ids so SPF checks always pass.
The header from is properly formatted exactly how it will be in a normal
mail
What measures do you take for such spear phishing
Thanks
Ram
On 08/02/2013 01:39 AM, N. Raghavendra wrote:
I work in a setup where the external mail server (say,
extmail.example.com) in a DMZ runs Spamassassin as soon as mail arrives
from the Internet, and then passes the mail to an internal mail server
(say, intmail.example.com) which has user maildirs.
I want to write a custom rule to match if Any header contain a
particular string
How do I do this ?
When I ask users to send misclassified mails ( FN or FP ) as an
attachment , they often dont get it right.
Also attaching from outlook , windows live mail etc is a big pain
Is there an outlook plugin people can use to report spam , that can come
to a URL or by mail ?
Thanks
Ram
mails in spamassassin ?
Thanks
Ram
These are the headers
http://pastebin.com/udbDgJ8L
Seems to have come from google , but is spam.
I cant even read the language :)
I am not able to lookup surbl
Infact the domain surbl.org does not seem to exist at all.
[root@pop2 bin]# dig surbl.org +short
[root@pop2 bin]#
I am sorry if this is old news .. I have no idea since when SURBL went
down ?
Thanks
Ram
On Fri, 2011-12-09 at 10:20 +0100, Robert Schetterer wrote:
Am 09.12.2011 13:58, schrieb Ram:
If I want to mark *all* invite mails as spam
linkedin, WAYN , facebook , google+ or anything else.
Is there a global way of doing this
my short solution was blacklist facebook
If I want to mark *all* invite mails as spam
linkedin, WAYN , facebook , google+ or anything else.
Is there a global way of doing this
and
was stopped.
Thanks
Ram
On Sun, May 9, 2010 at 1:03 AM, Benny Pedersen m...@junc.org wrote:
On lør 08 maj 2010 16:38:58 CEST, ram wrote
User-Agent: Internet Messaging Program (IMP) 3.2.5
un updated webmail
what is that means ?
Ram,
On Wed, May 5, 2010 at 6:49 PM, Bowie Bailey bowie_bai...@buc.com wrote:
ram wrote:
i still see this errors
May 5 10:28:03.484 [3153] dbg: config: warning: score set for
non-existent rule SHORTCIRCUIT
May 5 10:28:03.485 [3153] dbg: config: warning: score set for
non-existent rule
check.
Thanks
Ram
On Mon, May 3, 2010 at 7:28 PM, Benny Pedersen m...@junc.org wrote:
On man 03 maj 2010 07:51:01 CEST, ram wrote
this is my output
super
May 3 11:19:22.416 [621] warn: config: failed to parse line, skipping, in
/etc/mail/spamassassin/local.cf: use_auto_whitelist 1
remove
On Tue, 2010-04-27 at 11:08 -0400, Alex wrote:
Hi,
Might as well just block all of \.fr at smtp time for that matter :-)
Poor France :(
I mostly do... au revoir Le France
Somewhat off-topic, but in the interest of increasing awareness, India
reportedly ranks first:
On Wed, Apr 28, 2010 at 10:11 PM, Benny Pedersen m...@junc.org wrote:
On ons 28 apr 2010 10:55:10 CEST, ram wrote
/usr/bin/spamd -V
SpamAssassin Server version 3.3.1
running on Perl 5.8.8
with SSL support (IO::Socket::SSL 1.01)
with zlib support (Compress::Zlib 1.42)
spamassassin
Hi
thanks
but i rerun next time i have not seen that error
is that normal behaviour ?
Ram
On Wed, Apr 28, 2010 at 11:29 AM, C.M. Burns montibu...@googlemail.comwrote:
ram schrieb:
Hi
i have recently update from 3.2.X to 3.3.X
when i restart i get this message
spamd[18549
after update also still it shows old version why ?
X-Spam-Status: No, score=-0.4 required=5.0 tests=AWL,BAYES_00,
DATE_IN_PAST_03_06,HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,
RCVD_IN_SORBS_WEB autolearn=no version=3.2.5
On Wed, Apr 28, 2010 at 11:36 AM, ram talk2...@gmail.com wrote
On Fri, Apr 23, 2010 at 1:06 AM, Alex mysqlstud...@gmail.com wrote:
Hi,
How many entries? Does it just keep growing? We have a local one too,
and every so often correlate it with the public RBLs so as to not
duplicate the check and overhead.
They expire in 2 weeks. They should make it
both installed from rpm
Ram
On Wed, Apr 28, 2010 at 12:14 PM, Jari Fredriksson ja...@iki.fi wrote:
On 28.4.2010 9:10, ram wrote:
after update also still it shows old version why ?
X-Spam-Status: No, score=-0.4 required=5.0 tests=AWL,BAYES_00,
DATE_IN_PAST_03_06,HTML_MESSAGE
/usr/bin/spamd -V
SpamAssassin Server version 3.3.1
running on Perl 5.8.8
with SSL support (IO::Socket::SSL 1.01)
with zlib support (Compress::Zlib 1.42)
On Wed, Apr 28, 2010 at 12:14 PM, Jari Fredriksson ja...@iki.fi wrote:
On 28.4.2010 9:10, ram wrote:
after update also still
Hi
i have recently update from 3.2.X to 3.3.X
when i restart i get this message
spamd[18549]: config: failed to parse line, skipping, in
/etc/mail/spamassassin/local.cf: use_auto_whitelist 1
any suggestions
Ram
express, when they see some message is
spam
how can i ask them to report back so that create rules based on that
Any suggestion or help is appriciated
Ram
On Thu, Apr 8, 2010 at 12:27 AM, John Hardin jhar...@impsec.org wrote:
On Wed, 7 Apr 2010, ram wrote:
sa-learn --spam --showdots --dir /path/to/directory/full/of/spam/msgs
sa-learn --ham --showdots --dir /path/to/directory/full/of/ham/msgs
i have not able to understand this path ?
i need
On Wed, 2010-03-17 at 08:45 +0100, Per Jessen wrote:
Hans-Werner Friedemann wrote:
Hi @ all
I have another Newbee-Question but i can´t find any information
about that.
how can I adjust in SA, that eMails with a certain subject
are listed in my blacklist and filtered out?
Ram
http://www.spamhaus.org/dbl/
I think sa-folks would have this already in some URIBL rule. What are
the scores you assign for a dbl positive hit ?
I assume my current datafeed would already extend to data access on the
dbl list. I will have to setup my rbldnsd before trying this out.
://pastebin.com/6c9sEEn9
even recently i installed new qmail server
i still see lot of junk mail coming with different charecters, i do not even
read them clearly
how can i stop those kind of emails
Ram
the largest banks today are outsourcing their email. FcRDNS works
only if the organization runs their own mailing and dont keep changing
their mailhost names.
Thanks
Ram
-from the mail will be caught as spam.
I know there are ways to get around this rule too but in practical life
this has been real effective against phishing.
IMHO most of the anti-SPF bandwagon is more due ego issues than
technical.
Thanks
Ram
On Thu, 2010-02-18 at 12:17 -0800, J.D. Falk wrote:
On Feb 14, 2010, at 10:31 PM, ram wrote:
Anyway ReturnPath operates FBL's for yahoo and they provide IP address
based feedback loops at Cox etc
I dont know why this diff for yahoo.
Because that's how Yahoo! wants
On Sun, 2010-02-14 at 18:51 +0100, Ralf Hildebrandt wrote:
* Jeff Koch jeffk...@intersessions.com:
Sorry this is off-topic but has anyone successful applied for the
Yahoo Email Complaint Feedback Loop?
Yes, I did.
On the one hand their website says they have an ISP program
its located in /home/spamd
so how can i configure side wide bayes to capture more bayes
iam running sa-update cron. its upto date.
Ram
On Wed, Feb 10, 2010 at 9:13 AM, ram talk2...@gmail.com wrote:
Hi
its been 30days now i have setup a new qmail server with spamassassin 3.2.5
works well,
but iam using here simscan
i use to get in my old server lot of virus and spam emails
so we made strict rules now, like if simscan
there too long for adopting anything new then can
your be sure MailServer IP validation will be adopted ?
Anyway I block spams from almost all non-mailservers by using RBL's
I dont see any value add in implementing this
Thanks
Ram
I set this up for my mail server (using mtx instead
On Mon, 2010-02-08 at 22:08 -0500, dar...@chaosreigns.com wrote:
You get an email delivered from 64.71.152.40 (last untrusted
relay). You look up the DNS A record for that IP, and get
mail.chaosreigns.com. Then you look up the DNS PTR record of
On Mon, Feb 1, 2010 at 10:23 PM, Bowie Bailey bowie_bai...@buc.com wrote:
ram wrote:
hi
what i am looking is
iam looking sitewide, not userwide
so if the user feel its spam mail, he will send that mail to another
email of local account,
from there i want to choose the bayes
On Fri, Jan 29, 2010 at 7:58 PM, Bowie Bailey bowie_bai...@buc.com wrote:
ram wrote:
The rules in /usr/share/spamassassin are the original rules from the
install. If /var/lib/spamassassin/3.002.005 exists, those rules
will be
used instead. You can verify which rules
On Fri, Jan 29, 2010 at 8:41 PM, David Morton morto...@dgrmm.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bowie Bailey wrote:
ram wrote:
iam still in confuse, how can i fine tune sitewide rules to send all
the users to send spam mails to one user ID
and configure rule
On Thu, Jan 28, 2010 at 7:53 PM, John Hardin jhar...@impsec.org wrote:
On Wed, 27 Jan 2010, ram wrote:
On Wed, Jan 27, 2010 at 9:54 AM, John Hardin jhar...@impsec.org wrote:
On Wed, 27 Jan 2010, ram wrote:
it works, but i see most of the mails are tagged as SPAM.
A little more detail
Hi
I normal do reply with other mailing list, when i do reply it go to the
mailing list ID as a sender
here i have not observed it is going to user. sorry for that.
On Thu, Jan 28, 2010 at 10:03 PM, Bowie Bailey bowie_bai...@buc.com wrote:
ram wrote:
On Thu, Jan 28, 2010 at 8:22 PM
trained the database and is it
enabled with use_bayes 1 in local.cf?
yes iam running that command inside spamd user
in the document said use_bayes default to 1
iam just trying to learn, what is the best way to learn bayes and fine tune
the configs
Ram
Best,
Alex
sifting
# without risking lost emails.
required_hits 5
report_safe 0
rewrite_header Subject [SPAM]
any advice will be appriciated
Ram
Hi
thanks for the quick answer
my coments below
On Wed, Jan 27, 2010 at 9:54 AM, John Hardin jhar...@impsec.org wrote:
On Wed, 27 Jan 2010, ram wrote:
it works, but i see most of the mails are tagged as SPAM.
A little more detail, please: Are you complaining about seeing lots of
false
On Tue, 2010-01-19 at 10:52 -0200, Taylon Silmer wrote:
Hello guys!
I have a lot of mail servers running spamassassin and I never had false
positives problems.
Recently I installed more one server and I'm having a lot of false
positives problem with it. I understand that spamassassin is
On Wed, 2010-01-06 at 07:51 +, Christian Brel wrote:
On Tue, 5 Jan 2010 14:18:54 -0800
jdow j...@earthlink.net wrote:
From: J.D. Falk jdfalk-li...@cybernothing.org
Sent: Tuesday, 2010/January/05 12:43
On Jan 5, 2010, at 10:10 AM, Greg Troxel wrote:
Once again I went to
On Tue, 2010-01-05 at 14:39 -0500, Bowie Bailey wrote:
Christian Brel wrote:
On Tue, 05 Jan 2010 12:10:28 -0500
Greg Troxel g...@ir.bbn.com wrote:
Does anyone have any ideas of what else might help?
#ADD TO THE END OF local.cf at your own risk
score
On Mon, 2009-11-16 at 21:32 -0900, Royce Williams wrote:
On Mon, Nov 16, 2009 at 11:04 AM, Per Jessen p...@computer.org wrote:
I was just wondering if anyone had mentioned this to ebay:
Date: Sun, 15 Nov 09 16:42:23 GMT-0700
will hit INVALID_DATE.
I've reported this multiple times,
On Mon, 2009-10-05 at 15:05 -0700, Quanah Gibson-Mount wrote:
--On Monday, October 05, 2009 11:50 PM +0200 mouss mo...@ml.netoyen.net
wrote:
Thomas Mullins a écrit :
We have been running Spamassassin for maybe eight years now. But, my
coworkers do not like OpenSource. So they have
On Mon, 2009-06-15 at 15:35 +1000, Con Tassios wrote:
On Mon, 15 Jun 2009, Chip M. wrote:
DOB (Day Old Bread) had the same problem last year:
http://mail-archives.apache.org/mod_mbox/spamassassin-users/200810.mbox/%3cva.33f1.14690...@news.conactive.com%3e
With software bugs,
,
.
..(other rules )
And for the smtp-auth mails do not scan for spam at all. Not only will
you avoid FP's .. you will also save a lot of processing on your
server
Thanks
Ram
PS:
Why are you hiding the spammail in the pastebin. The contents of spam
On Sat, 2009-06-06 at 02:55 -0700, chauhananshul wrote:
I'm getting a lot of mails daily in which to from addresses are same
spamassassin is not able to stop them. I'm using spamassassin-3.2.5-1.el4.rf
CentOS4.7 with sendmail.I've increased the score to 4 frm default 5 but
stills its not
On Wed, 2009-06-03 at 00:48 -0700, ryefish wrote:
Hello: I am attempting to configure SA to mark as spam all email from
Top-Level-Domains other than .com, .net, and .edu.
I have found three possible ways to do this. Which if any is the preferred
method:
1) blacklisting in local.cf:
in local.cf and that
will override the default
3) Gmail adds a header like Received-SPF: fail/pass/neutral. I think MTA
is adding this header. How this type of headers can be added?
Try Google search , or ask in the MTA mailing list. That is off-topic
here
Thanks
Ram
BTW: Any post you
But If legitimate senders, of your domain, are also sending to the same
server , your SPF record should include all of their ips.:-)
Read more on SPF records and where they are useful.
http://www.openspf.org/FAQ
Thanks
Ram
mouss-2 wrote:
Bijayant a écrit :
Hi,
I am a newbie so please
On Tue, 2008-12-30 at 13:38 +, Ned Slider wrote:
ram wrote:
On Tue, 2008-12-30 at 04:11 -0800, Bijayant wrote:
Thanks, but I do not want to reject those mails.
Why not?
I agree - this is by far the simplest method of tackling this problem.
SPF is meant as a mechanism for *others
On Mon, 2008-12-29 at 13:26 +0100, Michelle Konzack wrote:
Hello *,
since arrount 5 days I am hit by several 10.000 very small (~2 kByte)
messages which use my email addresse in From: and To:...
Does anyone know, how to stop this shit effectively?
If the spammer is forging your
On Sun, 2008-12-28 at 23:55 -0600, David Hasbrouck wrote:
Hello,
I use qmail with simscan, run spamd as a daemon. I am running Spam
Assassin 3.2.5 on CentOS 4.7.
I am having an issue where all my emails are getting tagged with
URIBL_RED/GREY/BLACK. Emails that contain invalid domains in
sa --lint errors
I have a lot of servers , including some at remote locations.
What is the recommended way of disabling the rules
Thanks
Ram
On Wed, 2008-12-17 at 07:43 +0100, Benny Pedersen wrote:
On Ons, December 17, 2008 07:35, ram wrote:
I would like to remove the SURBL lookups from our servers since they
are no longer free (and their charges are unreasonable )
show links where this is stated or make a bug on it :)
http
On Tue, 2008-12-09 at 07:38 -0500, Michael Scheidell wrote:
Last week, a security bullet was released about security problems with
php5 prior to version 5.2.7.
Yesterday, a major regression testing problem was fixed in 5.2.7, with
the removal of the 5.2.7 binaries, and the emergency release
On Wed, 2008-12-10 at 13:09 +, Ned Slider wrote:
ram wrote:
I got a spam with just a link to a google groups page
https://ecm.netcore.co.in/tmp/spam_google.txt
Now I am scoring all mails with links to groups.google but
(may not be a gr8 idea though )
Bayes training
I got a spam with just a link to a google groups page
https://ecm.netcore.co.in/tmp/spam_google.txt
Now I am scoring all mails with links to groups.google but
(may not be a gr8 idea though )
with their clients
spams will still reduce further. All the pill spamming you see may be a
thing of the past. Just like today we dont see any of the stock spams as
before ( I dont know why though ? )
Antispam will be a low end commodity service like antivirus is today
Thanks
Ram
PS: If you want
On Tue, 2008-11-18 at 11:26 +0100, Matus UHLAR - fantomas wrote:
On 17.11.08 18:15, Mark Martinec wrote:
I have been using USER_IN_SPF_WHITELIST to whitelist mails from google
alerts
It had been working fine , but last 2-3 days I see that these mails dont
get an SPF-pass. Seems guys
Is this news true ( spams down by 75% )
http://www.securecomputing.net.au/News/128340%
2cspam-volumes-drop-75-percent-in-a-day.aspx
On my servers I havent seen any big change
Thanks
Ram
On Mon, 2008-11-17 at 07:32 +0100, Benny Pedersen wrote:
On Mon, November 17, 2008 05:48, ram wrote:
I have been using USER_IN_SPF_WHITELIST to whitelist mails from google
alerts
It had been working fine , but last 2-3 days I see that these mails dont
get an SPF-pass. Seems guys
I have been using USER_IN_SPF_WHITELIST to whitelist mails from google
alerts
It had been working fine , but last 2-3 days I see that these mails dont
get an SPF-pass. Seems guys at google are using some other servers
How can I report to them , The gmail/google alerts site does not have
any
Thanks
1 scored like this:
Content analysis details: (12.9 points, 5.0 required)
pts rule name description
-- --
-1.0 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low
On Fri, 2008-10-31 at 08:53 -0500, Kevin Windham wrote:
Is there a ruleset for encoded URLs or addresses? I have some examples
I can send, but so far I tried to send this email twice with the
example URLs, and it never makes it to the list, so I'm guessing
someone has some rules in place
On Fri, 2008-10-03 at 20:36 +0200, [EMAIL PROTECTED] wrote:
Hello,
I have done an upgrade with perl -MCPAN -e shell and then i recognized, that
spamassassin will not run.
He said:
spam_scan FAILED: Can't locate object method get_tag via package
Mail::SpamAssassin::PerMsgStatus at
I am trying to write a Custom SA plugin.
Can I get the envelope recipient(s) of a mail.
Because I am going to have recipient specific rules , and I dont want to
rely on the ToCc headers
Thanks
Ram
should do better than allowing such a gaping loophole
Thanks
Ram
dsbl has been down for a long long time now
Any more DNS checks is just waste of time
On Thu, 2008-09-25 at 11:41 -0400, Bowie Bailey wrote:
Todd Adamson wrote:
Would I be correct or incorrect that this will get updated
to our rules through sa-update. If this does get corrected,
what
On Mon, 2008-09-22 at 10:58 -0500, Matt wrote:
I had the same issue and found that the system that's relaying
(216.129.105.40) those confirmation emails doesn't have a PTR record.
You'd think someone selling a antispam/email appliance would be familiar
with the RFCs.
That would
a website for support-intelligence.net.
Thanks
Ram
On Thu, 2008-09-11 at 15:25 -0700, fchan wrote:
Hi,
Sorry I don't have experience with this product.
I do have limited experience with Barracuda Networks appliance and I
think is a great product for an e-mail filter which I had experienced
with my friend to set up on their network email
On Thu, 2008-09-11 at 07:53 -0500, Jack L. Stone wrote:
Folks, I'm trying to capture/grep specific given info from the subject
output, like this:
#spamassassin -D --lint | grep database
spamassassin -D --lint 21 | grep database
I have been using SA for english mails all along
If I want to use SA for german mails , what are the rulesets I should
use. I have seen my installation throws up a few FP's for german
mails. I use the default SA rules + select SARE rules
Thanks
Ram
) and do not retry.
Do they get their mails delivered at all ?? Such server admins would
deserve what they get.
Thanks
Ram
On Tue, 2008-08-26 at 00:40 +0200, GoodnGo.de (R) Zentrale wrote:
Hello List,
I am using SpamAssassin version 3.2.5
Postfix, amavis, clamd, *nix
My question:
All emails from localhost are tagged als ***Spam*** in the subject
line.
How can I avoid this ?
Please help me.
On Fri, 2008-08-22 at 13:11 -0400, [EMAIL PROTECTED] wrote:
I do have a SPF record. I just dont understand how I can recieve a email
from myself. In the headers it show a completely different address. I am
not a open relay . I think will try domain keys.next.
No wait.
Just make
I have some users complain to me that their ids get subscribed
automatically to some yahoo groups and they want these mails to be
scored by SA
I had created special rules in SA not to flag yahoogroups mails , but it
seems yahoogroups is not that innocent after all
Thanks
Ram
On Fri, 2008-08-22 at 12:13 +0100, Martin Gregorie wrote:
On Fri, 2008-08-22 at 11:55 +0200, mouss wrote:
you can unsubscribe via email without a password (and without having a
yahoo account):
OK, thanks for the info. I don't use Yahoo Groups and wasn't sure if
there was some gotcha to
send their username
passwords back
I need to write a SA rule to score mails asking for username / passwords
inside the mail
Thanks
Ram
On Wed, 2008-07-30 at 09:21 -0500, Ken A wrote:
Arvid Ephraim Picciani wrote:
On Wednesday 30 July 2008 00:55:50 mouss wrote:
Ken A wrote:
Can be a probe too. Accepting mail from that IP with that content says
something about your system. Spammers aren't stupid. They fingerprint us
just
with spamhaus anyway
Thanks
Ram
On Fri, 2008-07-11 at 07:06 -0700, Wil Decius wrote:
I'm trying to get Spamassassin local configuration setup to
whitleist-by-SPF. The box, as delivered to me, runs Debian with
spamassassin -V
SpamAssassin version 3.2.5-r609689
running on Perl version 5.8.8
In local.cf I've
of URIBL_SBL since it is very good at
catching spam
Thanks
Ram
of Expensive_registrars as
well as a list of Freemail domains. I wonder if such lists are available
though
But you could have big corporates , with weak password policies and
accounts getting compromised. So spam does come from these accounts
Thanks
Ram
On Thu, 2008-07-03 at 10:48 +0200, Matus UHLAR - fantomas wrote:
On 03.07.08 11:35, Henrik K wrote:
I'd like to encourage people to take more advantage of DNSWL.
while DNSWL('s) may be good, I encountered many cases whan spam and bounces
won't get catched by SA because the sender is in
as spam due to positive
ones
Thanks
Ram
On Thu, 2008-06-26 at 19:48 -0400, Matt Kettler wrote:
ram wrote:
Hi
In my local.cf I have
--
score USER_IN_SPF_WHITELIST -100
priority USER_IN_SPF_WHITELIST -1000
priority RCVD_IN_XBL -800
shortcircuit USER_IN_SPF_WHITELIST on
shortcircuit RCVD_IN_XBL
seen scamsters are sending targetted spams
to people of hotel industry , holiday industry etc
Thanks
Ram
On Wed, 2008-06-04 at 18:24 +0200, Benny Pedersen wrote:
On Wed, June 4, 2008 17:11, mouss wrote:
If they can't configure their system to reject invalid recipients at
smtp time, there is no hope that they will setup SPF checking correctly!
it was olso my conclusion after i have writed
On Thu, 2008-06-05 at 12:02 +0200, Benny Pedersen wrote:
On Thu, June 5, 2008 07:33, ram wrote:
I do something like this.
((! SPF_PASS ) ( ENV_FROM_GOOD_BANKS || HEADER_FROM_GOOD_BANKS) )
then give a score 3.0
Of course the GOOD_BANKS are a list of bank which have SPF records.
we
On Thu, 2008-06-05 at 13:08 +0200, Benny Pedersen wrote:
On Thu, June 5, 2008 12:53, ram wrote:
Phishers sometimes just forge the Header from not the Env-From.
You would not get a SPF_FAIL, because there was nothing wrong with the
sender address. But the end users are usually
belong to the bank
I do something like this.
((! SPF_PASS ) ( ENV_FROM_GOOD_BANKS || HEADER_FROM_GOOD_BANKS) )
then give a score 3.0
Of course the GOOD_BANKS are a list of bank which have SPF records.
Thanks
Ram
1 - 100 of 197 matches
Mail list logo