http://bugzilla.spamassassin.org/show_bug.cgi?id=4576
------- Additional Comments From [EMAIL PROTECTED] 2005-09-10 00:33 ------- Hi, > I'm confused... if helo=SERVER and rdns=15.254.203.62.cust.bluewin.ch (which > forwards to the 62.203.254.15) what is "[81.173.228.159]" (which rdns to > xdsl-81-173-228-159.netcologne.de.)? > Yes in this example has been a forwarding in place. > Why would be want to extend the trust path to them (a freemail provider) > anyway? > To me this part is a non-issue. If for some weird reason you wanted to you > could just use whitelist_from_rcvd * gmx.de. Because here in europe almost everybody has got a GMX account for private mail. And whistlisting is a no-go. What about those who forward mails from *.gmx to their ISP account. Do I want all SPAM sent to gmx accounts passing our spamassassin ? Beleave me, with our trustlist I've got very very good experiences. GMX has some sender limits in place as we have ourself in our freemail configuration. If a spammer tries to abuse it and sends more than 200 mails per hour, we begin to send them through spamassassin and check those mails. The account is blocked then if we detect spam signs. Just have a look here: These mails here are all possible FPS candidats from this night. Before I made a fixup ruleset to have statistics, we got about 200 mails per day with >= 5 SA points. All of them where false positives. The ruleset I use: header __RCVD_GMX Received =~ /\.gmx\.(?:de|ch|at|net)/i header __X_AUTH_SMTP X-Authenticated =~ /[a-z0-9]+/i header __RCVD_QMAIL Received =~ /qmail/i meta QMAIL_NUMERIC_HELO (__RCVD_QMAIL + __X_AUTH_SMTP + NUMERIC_HELO == 3) meta QMAIL_RCVD_IPADDR2 (__RCVD_QMAIL + __X_AUTH_SMTP + HELO_DYNAMIC_IPADDR2 == 3) meta QMAIL_RCVD_SPLIT_IP (__RCVD_QMAIL + __X_AUTH_SMTP + HELO_DYNAMIC_SPLIT_IP == 3) meta QMAIL_HELO_DHCP (__RCVD_QMAIL + __X_AUTH_SMTP + HELO_DYNAMIC_DHCP == 3) meta QMAIL_NEED_FIX (__RCVD_QMAIL + __X_AUTH_SMTP + __RCVD_GMX + __RCVD_GMX + __RCVD_GMX == 2) describe QMAIL_RCVD_IPADDR2 QMAIL FPS describe QMAIL_RCVD_SPLIT_IP QMAIL FPS describe QMAIL_HELO_DHCP QMAIL FPS describe QMAIL_NUMERIC_HELO QMAIL FPS describe QMAIL_NEED_FIX Broken QMAIL score QMAIL_RCVD_IPADDR2 -1.5 score QMAIL_RCVD_SPLIT_IP -2.9 score QMAIL_HELO_DHCP -3.1 score QMAIL_NUMERIC_HELO -1.5 score QMAIL_NEED_FIX 0.001 Sep 10 00:00:43 mx2 sm-mta[47709]: j89M0aJ0047709: Milter add: header: X-Spam-Status: Yes, hits=5.727 required=5 scantime="6.0655 seconds" tests=BAYES_50,EXTRA_MPART_TYPE,\n\tHELO_DYNAMIC_HCC,HELO_DYNAMIC_IPADDR2,HTML_50_60,\n\tHTML_MESSAGE,QMAIL_RCVD_IPADDR2,TDE_RO_BV_GRATIS Sep 10 01:49:53 mx2 sm-mta[78747]: j89NnmV3078747: Milter add: header: X-Spam-Status: No, hits=1.292 required=5 scantime="4.0460 seconds" tests=BAYES_60,HELO_DYNAMIC_IPADDR2,\n\tHELO_DYNAMIC_SPLIT_IP,HTML_MESSAGE,QMAIL_RCVD_IPADDR2,\n\tQMAIL_RCVD_SPLIT_IP,RCVD_NUMERIC_HELO Sep 10 01:51:29 mx2 sm-mta[80563]: j89NpOrB080563: Milter add: header: X-Spam-Status: No, hits=-0.033 required=5 scantime="2.6899 seconds" tests=BAYES_50,HELO_DYNAMIC_DHCP,\n\tQMAIL_HELO_DHCP Sep 10 01:51:30 mx2 sm-mta[80564]: j89NpOuc080564: Milter add: header: X-Spam-Status: No, hits=-0.033 required=5 scantime="4.5765 seconds" tests=BAYES_50,HELO_DYNAMIC_DHCP,\n\tQMAIL_HELO_DHCP Sep 10 01:51:32 mx2 sm-mta[80562]: j89NpOh3080562: Milter add: header: X-Spam-Status: No, hits=-0.033 required=5 scantime="6.1371 seconds" tests=BAYES_50,HELO_DYNAMIC_DHCP,\n\tQMAIL_HELO_DHCP Sep 10 02:07:20 mx2 sm-mta[99235]: j8A07BeF099235: Milter add: header: X-Spam-Status: Yes, hits=5.348 required=5 scantime="7.5679 seconds" tests=BAYES_50,DATE_IN_PAST_12_24,\n\tHELO_DYNAMIC_HCC,HELO_DYNAMIC_IPADDR2,QMAIL_RCVD_IPADDR2 Sep 10 06:16:59 mx2 sm-mta[90308]: j8A4Gs01090308: Milter add: header: X-Spam-Status: No, hits=3.429 required=5 scantime="3.8332 seconds" tests=BAYES_50,HELO_DYNAMIC_DHCP,\n\tHELO_DYNAMIC_IPADDR,HTML_MESSAGE,MSGID_FROM_MTA_ID,\n\tNO_REAL_NAME,QMAIL_HELO_DHCP Sep 10 07:46:13 mx2 sm-mta[94131]: j8A5k8RR094131: Milter add: header: X-Spam-Status: No, hits=0.467 required=5 scantime="4.1367 seconds" tests=BAYES_50,HELO_DYNAMIC_DHCP,\n\tMSGID_FROM_MTA_ID,QMAIL_HELO_DHCP Sep 10 08:27:43 mx2 sm-mta[45038]: j8A6RdcI045038: Milter add: header: X-Spam-Status: No, hits=0.668 required=5 scantime="3.1729 seconds" tests=BAYES_50,HELO_DYNAMIC_DHCP,\n\tHTML_IMAGE_ONLY_28,HTML_MESSAGE,QMAIL_HELO_DHCP Sep 10 08:27:43 mx2 sm-mta[45035]: j8A6RdbR045035: Milter add: header: X-Spam-Status: No, hits=0.668 required=0 scantime="3.2731 seconds" tests=BAYES_50,HELO_DYNAMIC_DHCP,\n\tHTML_IMAGE_ONLY_28,HTML_MESSAGE,QMAIL_HELO_DHCP Sep 10 08:27:44 mx2 sm-mta[45037]: j8A6RdnK045037: Milter add: header: X-Spam-Status: No, hits=-4.233 required=5 scantime="3.6046 seconds" tests=BAYES_00,HELO_DYNAMIC_DHCP,\n\tHTML_IMAGE_ONLY_28,HTML_MESSAGE,QMAIL_HELO_DHCP Sep 10 08:39:20 mx2 sm-mta[59233]: j8A6dGjq059233: Milter add: header: X-Spam-Status: No, hits=-2.412 required=5 scantime="3.1317 seconds" tests=BAYES_05,HELO_DYNAMIC_IPADDR2,\n\tHTML_MESSAGE,QMAIL_RCVD_IPADDR2 Sep 10 08:39:58 mx2 sm-mta[59871]: j8A6do14059871: Milter add: header: X-Spam-Status: No, hits=0.001 required=5 scantime="6.2905 seconds" tests=BAYES_50,HELO_DYNAMIC_IPADDR2,\n\tQMAIL_RCVD_IPADDR2 Sep 10 08:54:48 mx2 sm-mta[78216]: j8A6sfRj078216: Milter add: header: X-Spam-Status: No, hits=-4.9 required=7 scantime="3.3006 seconds" tests=BAYES_00,HELO_DYNAMIC_IPADDR2,\n\tQMAIL_RCVD_IPADDR2 Sep 10 08:56:46 mx2 sm-mta[80703]: j8A6ug4u080703: Milter add: header: X-Spam-Status: No, hits=0.001 required=5 scantime="2.8540 seconds" tests=BAYES_50,HELO_DYNAMIC_IPADDR2,\n\tQMAIL_RCVD_IPADDR2 Sep 10 08:58:15 mx2 sm-mta[82698]: j8A6wAkH082698: Milter add: header: X-Spam-Status: No, hits=-3.974 required=5 scantime="3.4582 seconds" tests=BAYES_00,HELO_DYNAMIC_IPADDR2,\n\tHELO_DYNAMIC_SPLIT_IP,HTML_50_60,HTML_MESSAGE,\n\tQMAIL_RCVD_IPADDR2,QMAIL_RCVD_SPLIT_IP,\n\tRCVD_NUMERIC_HELO Sep 10 09:12:45 mx2 sm-mta[1385]: j8A7CdC7001385: Milter add: header: X-Spam-Status: No, hits=0.102 required=5 scantime="4.1043 seconds" tests=BAYES_50,HELO_DYNAMIC_DHCP,HTML_50_60,\n\tHTML_MESSAGE,QMAIL_HELO_DHCP Sep 10 09:23:59 mx2 sm-mta[15841]: j8A7NtmN015841: Milter add: header: X-Spam-Status: No, hits=0.792 required=5 scantime="3.3552 seconds" tests=BAYES_50,HELO_DYNAMIC_IPADDR2,\n\tHELO_DYNAMIC_SPLIT_IP,QMAIL_RCVD_IPADDR2,\n\tQMAIL_RCVD_SPLIT_IP,RCVD_NUMERIC_HELO ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
