https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7888
--- Comment #12 from Byron Kleingeld <by...@zoomedia.co.za> --- (In reply to Byron Kleingeld from comment #11) > (In reply to RW from comment #10) > > (In reply to John Hardin from comment #7) > > > > > (In reply to RW from comment #5) > > > > 3 points does seem a bit extreme for a tracker. > > > > > > That's based on such headers appearing in very little ham in our corpus. > > > If > > > the bulk mailer doing this was a widely-used legitimate service I'd expect > > > to see more hammy instances of it. The scored rule does have exclusions > > > for > > > signs in the ham we do have, > > > > The only exclusion is "&& !__HAVE_BOUNCE_RELAYS". __HAVE_BOUNCE_RELAYS is > > test for whether any bounce relays are configured in the VBounce plug. In > > most set-ups it's unconditionally false. > > > > > > > That is historically the > > > kind of tactic used by spammers to avoid static pattern and checksum > > > detection tools and to pollute spam signature databases, > > > > That's more to do with the body. I don't think there's anything of that sort > > that would be affected by non-standard headers. > > I'll have to agree with this, while the software is being used maliciously, > it is commercial software (https://www.mailwizz.com) and this rule would > punish everyone who bought the software, legitimate or otherwise. I am > forced to return those headers because the software's bounce handling and > box monitoring features require them to function as it reads the values to > automatically unsubscribe bouncing mails, or deadmail boxes, etc etc. > > I'm at a bit of an empasse now, we've taken the time to build the reputation > of our servers, set up SPF and valid DKIM records and all the DNS fluff that > goes around running an email marketing platform only to get punished because > it's a "spammy platform" that we've heavily modified over the course of 2 > years of development. > > I'm open to suggestions though, while -2 spam score isn't a death sentence > for our mailers and we're working with postmasters to get our mails properly > routed and whilelisted and all that jazz (Effort I seriously doubt a group > of spammers would go through). It just feels a bit depressing getting > punished for using off-the-shelf commercial mass mailing software as a basis. MailWizz has finally replied to my support request with a link to the following: https://kb.mailwizz.com/articles/low-score-in-spamassassin-because-of-the-rand_mktg_header-rule It simple suggests making the rules "non-keyed" i.e using just X- and not X-xxx- I'm curious to know if this would work as they suggest though. -- You are receiving this mail because: You are the assignee for the bug.
