https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7416
--- Comment #19 from Dave Jones <da...@apache.org> --- My results so far a interesting for DKIM_VALID_EF. To repeat, this doesn't indicate ham or spam directly but it's intended to help identify whitelist_auth entries based on the envelope-from address. Messages with DKIM_VALID_EF, DKIM_VALID_AU and SPF_PASS have total alignment on authorization and authentication which essentially a perfect DMARC_PASS. If the sender is trustworthy with valid opt-out/unsubscribe and not a domain with human mailboxes that can be compromised, this domain is a definite candidate for a whitelist_auth entry. I.e.: whitelist_auth *@*.trustedexample.com -- You are receiving this mail because: You are the assignee for the bug.