https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6650
Ned Slider <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Ned Slider <[email protected]> 2011-08-15 21:37:53 UTC --- OK, I see what X-Spam-Relays-External is now :-) Yes, this rule is firing against yahoo relays that hit __5_SUBDOM Here are some examples: nm4-vm0.bt.bullet.mail.ukl.yahoo.com nm2-vm0.bt.bullet.mail.ukl.yahoo.com nm4.bt.bullet.mail.ukl.yahoo.com nm4.bt.bullet.mail.ird.yahoo.com nm2.bt.bullet.mail.ukl.yahoo.com These all seem to be from btinternet.com customers (large UK residential ISP) who use yahoo to relay their mail. >From what I can see these started hitting on 11 Aug 2011, initially with a score of 0.001 but the score has recently increased hence why I've just noticed it. These also all hit __RCD_RDNS_MAIL_MESSY so how about including !__RCD_RDNS_MAIL_MESSY in the meta rule: meta KHOP_DYNAMIC __LAST_EXTERNAL_RELAY_NO_AUTH && !ALL_TRUSTED && !__RCD_RDNS_MAIL_MESSY && (__5_SUBDOM || __RDNS_HEX || __S25R_4 || __S25R_6 || __RCD_RDNS_DYN_MESSY || __RCD_RDNS_PPP_MESSY || __RCD_RDNS_PPOE_MESSY) -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
