https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6524
--- Comment #1 from Karsten Bräckelmann <[email protected]> 2010-12-22 19:11:42 UTC --- > amazon.com is a popular forged domain for spam/phishing, and AWL storing the > first two octets isn't enough to avoid poisoning real amazon.com mail. This part, changing the netmask, would be a duplicate of a bug or two already requesting this, and debating pros and cons... Moreover, since AWL is disabled by default since 3.3.0, this is no longer an issue with the latest stable versions. Candidate for RESOLVED, FIXED or INVALID. > It's now the busy holiday season, which means that Amazon's infrastructure is > scaled out significantly, making use of servers and IP addresses not recently > used for amazon.com shopping. However, these IP addresses have been in the EC2 > pool, and thus occasionally used by spammers, and thus occasionally used by > spammers faking addresses from amazon.com (which will conveniently pass SPF > checks too). Thus, by leasing out parts of their infrastructure for EC2, > Amazon > has inadvertently blacklisted themselves in anyone using SA AWL. If Amazon really would be using EC2 addresses for sending transactional mail (or any mail for that matter), they should severely be LARTed. I definitely hope this is not the cause. EC2 is not appropriate for outsorcing MTAs of legit business. It it not unheard of that the EC2 range is being outright rejected by MXs. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
