>Possible other error - if DoNoFrom is set to score, shouldn't it ADD 50
(or whatever valance) to the message, vs making the message score 50?
This header check fails and faults are counted if :
...
The scoring value nofromValencePB is added for each detected fault
>Would you consider giving us the option to turn this one option off?
OK.
Thomas
Von: "K Post" <nntp.p...@gmail.com>
An: "ASSP development mailing list" <assp-test@lists.sourceforge.net>
Datum: 21.11.2018 22:41
Betreff: Re: [Assp-test] DoNoFrom scoring with different domain in
>From and Sender
Thanks Thomas.
Possible other error - if DoNoFrom is set to score, shouldn't it ADD 50
(or whatever valance) to the message, vs making the message score 50? I
have seen a couple DoNoFrom catches BLOCk the email because 50 is my limit
when the message had a -35 (negative) score before getting to the DoNoFrom
check. The message score went from -35 right to 50 and was then blocked.
The -35 came from senderbase. Did that get ignored because I've got
DoNoFrom to check even whitelisted mail?
also you wrote:
- addresses in the From: and Sender: headers contain different domains
(subdomains are ignored)
Would you consider giving us the option to turn this one option off? I'm
seeing legitimate email coming from mailing services where they put a
Sender line with essentially what is the Mail-From from the envelope but
the FROM line as the person who is paying to have the emailing service
(generally what the email client picks up to display the from). I really
don't know what the point of the Sender line is, but it's being used more
and more. I'd really like to be able to tailor DoNoFrom further so it's
effective with the way we get mail without causing the false positives
that we're getting now.
On Tue, Nov 20, 2018 at 7:16 AM Thomas Eckardt <thomas.ecka...@thockar.com
> wrote:
>From: "serv...@thecompany.com" <serv...@thecompany.com>
this parsing mistake will be fixed in the next release
>I don't see where the GUI indicates that this should be blocked. For
DoNoFrom, the gui says ([ with my notes in brackets]
I forgot the documentation
- addresses in the From: and Sender: headers contain different domains
(subdomains are ignored)
will be fixed
Thomas
Von: "K Post" <nntp.p...@gmail.com>
An: "ASSP development mailing list" <
assp-test@lists.sourceforge.net>
Datum: 19.11.2018 17:19
Betreff: Re: [Assp-test] DoNoFrom scoring with different domain in
>From and Sender
Update: I went back through the logs. I'm seeing lots of
X-Assp-Message-Score: 50 (multiple (2) 'From:' header tags found
( DoNoFrom ))
X-Assp-IP-Score: 50 (multiple (2) 'From:' header tags found (
DoNoFrom ))
tags, that's making messages be rejected. Most of from legitimate mailing
companies, like SendGrid,
One that I found has a single from line (no sender line like the other one
I reported last week) which looks like this:
From: "serv...@thecompany.com" <serv...@thecompany.com>
Is that being detected as "multiple email addresses are found in one
header." Yes, the email address is there twice, but it's the same
address, once instead of the name of the sender and once as the email
address itself. While bad form, do we really want to treat this as
illegal and add the default score of 50 for this, even though the rest of
the message is good? This message got a -35 score initially because of a
whitesenderbase, but the DoNoFrom added 50 (so a +15 net score), but the
message was still rejected. It's almost like DoNoFrom is set to BLOCK,
when it was actually set to score.
Can we discuss if something changed in the most recent version?
For now, I've set DoNoFrom to monitor.
Thanks
On Wed, Nov 14, 2018 at 12:25 PM K Post <nntp.p...@gmail.com> wrote:
I had a message go to spam because DoNoFrom reports 2 different sender
domains in from and sender.
Analyze says:
DoNoFrom: detected (1) faults in scoring mode - last reason: found (2)
different sender domains in 'From:' and 'Sender:' header tags ( DoNoFrom )
- penalty: 1 * 50 = 50
I don't see where the GUI indicates that this should be blocked. For
DoNoFrom, the gui says ([ with my notes in brackets]
- both headers (From: and Sender:) are missing
[they're both there]
- any of these headers contains not a valid email address
[all valid]
- multiple of the same headers are found
[only one from and one sender line]
- multiple email addresses are found in one header.
[see below, only one address for sender and one for from, but they
are different domains]
Sender: =?UTF-8?B?VmluY2V4bCBIdWdaZXa=?= <bou...@bounce.theirbigorg.org>
Reply-To: theper...@gmail.com
From: "Person Name" <theper...@gmail.com>
I didn't know that DoNoFrom would fail if there was a different sender
domain in From and Sender as is the case here. Am I mistaken? Is there a
way to allow different from and sender domains? I'd think that would be
pretty common.
Thanks
ken
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
