https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8000
John Hardin changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|--- |WORKSFORME
CC||jhar...@impsec.org
--- Comment #1 from John Hardin ---
I cannot reproduce this FP in my SA test environment with the attached example.
May 30 20:07:11.714 [21295] dbg: rules-all: running header rule
__HDR_RCVD_AMAZON
May 30 20:07:11.714 [21295] dbg: rules: ran header rule __HDR_RCVD_AMAZON
==> got hit: " rdns=a13-123.smtp-out.amazonses.com "
...
May 30 20:07:12.731 [21295] dbg: rules-all: ran meta rule
__AMAZON_IMG_NOT_RCVD_AMZN, no hit
...
May 30 20:07:12.742 [21295] dbg: rules-all: ran meta rule
AMAZON_IMG_NOT_RCVD_AMZN, no hit
It's possible that the local-MTA Received header which prevents it from hitting
is not being added to the message by your MTA before it's being passed to
SpamAssassin for scanning. How is SpamAssassin glued onto your MTA?
Recommendations:
(1) whitelist Amazon (see below), these messages pass DKIM
(2) look into rule LOCAL_RND_SUBJ, that contributed more to the FP than
AMAZON_IMG_NOT_RCVD_AMZN did
(3) follow up the MTA glue question on the SpamAssasssin Users mailing list,
you'll get better results for rules questions there.
Suggested Amazon authenticated whitelisting:
whitelist_auth *@amazon.com
blacklist_from *@amazon.com
whitelist_auth *@*.amazon.com
blacklist_from *@*.amazon.com
--
You are receiving this mail because:
You are the assignee for the bug.
