Spam detection software, running on the system "mail.pglaf.org",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Spam detection software, running on the system
"mail.pglaf.org",
has identified this incoming email as possible spam. The original message
has been attached to this so you can view it or label similar [...]
Content analysis details: (7.4 points, 4.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.5000]
2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
[URI: tracker.uw0.xyz (xyz)]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider (gmkarl[at]gmail.com)
1.0 FORGED_GMAIL_RCVD 'From' gmail.com does not match 'Received'
headers
0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is
CUSTOM_MED
1.0 MISSING_HEADERS Missing To: header
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: uw0.xyz]
2.5 URIBL_DBL_BOTNETCC Contains a botned C&C URL listed in the
Spamhaus DBL blocklist
[URIs: coppersurfer.tk]
2.1 MALFORMED_FREEMAIL Bad headers on message from free email
service
-1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list
manager
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
--- Begin Message ---
Spam detection software, running on the system "mail.pglaf.org",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: > 2.5 URIBL_DBL_BOTNETCC Contains a botned C&C URL listed
in the > Spamhaus DBL blocklist > [URIs: coppersurfer.tk] > 2.0
PDS_OTHER_BAD_TLD
Untrustworthy TLDs > [URI: tracker.uw0.xyz (xyz)] These are [...]
Content analysis details: (8.3 points, 4.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.5000]
2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
[URI: tracker.uw0.xyz (xyz)]
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider (gmkarl[at]gmail.com)
1.0 MISSING_HEADERS Missing To: header
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: coppersurfer.tk]
2.5 URIBL_DBL_BOTNETCC Contains a botned C&C URL listed in the
Spamhaus DBL blocklist
[URIs: coppersurfer.tk]
-0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.167.49 listed in wl.mailspike.net]
2.1 MALFORMED_FREEMAIL Bad headers on message from free email
service
--- Begin Message ---
> 2.5 URIBL_DBL_BOTNETCC Contains a botned C&C URL listed in the
> Spamhaus DBL blocklist
> [URIs: coppersurfer.tk]
> 2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
> [URI: tracker.uw0.xyz (xyz)]
These are probably to prevent malicious content. I might remove them
assuming list subscribers can avoid viruses. These particular domains
host torrent trackers mentioned in the source code that was attached.
> 1.2 NUMERIC_HTTP_ADDR URI: Uses a numeric IP address in URL
This one seems bad to me because numeric ip addresses help people
avoid dns spoofing and poisoning.
> 2.0 LONGWORDS Long string of long words
Not sure here. I'd have to look at the source of this one to form an
opinion, and might personally reduce its strength because I don't
understand it.
> 1.0 MISSING_HEADERS Missing To: header
> 1.0 FORGED_GMAIL_RCVD 'From' gmail.com does not match 'Received'
> 2.1 MALFORMED_FREEMAIL Bad headers on message from free email
> service
These attempt to coerce me to stop using gmail. I'd really like to
stop using gmail, so to some degree that's helpful. It's really hard
to do so, so some of my emails may bounce ;p
--- End Message ---
--- End Message ---
