http://bugzilla.spamassassin.org/show_bug.cgi?id=3740
------- Additional Comments From [EMAIL PROTECTED] 2004-09-09 13:21 ------- First of all, thank you very much for submitting the example as an attachment of a full original email message. It makes it _much_ easier to figure out what is going on with it. Attachment 2330 is not a demonstration of the bug you reported here. This bug is that a mailer-daemon bounce from yahoo.com incorrectly hits the FORGED_YAHOO_RCVD rule. What you are demonstrating in the attached message is that a mailer-daemon bounce from yahoo.co.uk triggers other spam rules in 2.64. FORGED_YAHOO_RCVD never comes into play because that is only done for yahoo.com. It would be another issue if spammers use yahoo.co.uk forged addresses often enough that we want to have a special rule to catch that, the way forged yahoo.com addresses are caught by FORGED_YAHOO_RCVD. In the absence of enough such forgeries there is no reason to add yahoo.co.uk to the FORGED_YAHOO_RCVD rule. As for this attachment, it appears to be a false positive in 2.64 but as Michael Parker showed it has aleady all been taken care of in version 3.0. Since we are not fixing any more bugs in the 2.6+ branch (2.64 was released only because of security problems) with 3.0 within weeks of final release, I'm going to close this again. Just to make sure I confirmed Michael Parker's results with the latest svn and without Bayes: X-Spam-Status: No, score=0.2 required=5.0 tests=MISSING_DATE,NO_REAL_NAME autolearn=no version=3.0.0-rc4-r43627 You can work around this at your own site by adding [EMAIL PROTECTED] to your global whitelist as Justin suggested we do in comment #18. My objection about it opening up a hole for spammer abuse does not apply when you do it just for your own site as a temporary measure until 3.0 release. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.