On 3/14/19 5:50 PM, @lbutlr wrote:
> I've been having a lot of problems with emails from comixology getting tagged
> as spam and then the message attachment is often, but not always, corrupt.
>
> Content analysis details: (6.8 points, 5.0 required)
>
> pts rule name description
> -- --
> -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,
> no trust
> [54.240.13.78 listed in list.dnswl.org]
> 0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
> [score: 1.]
> 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
> [score: 1.]
> 0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
> mail domains are different
> 0.8 MPART_ALT_DIFF BODY: HTML and text parts are different
> 0.0 HTML_MESSAGE BODY: HTML included in message
> 0.4 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME
> 0.1 DKIM_SIGNEDMessage has a DKIM or DK signature, not necessarily
> valid
> 0.7 MIME_HEADER_CTYPE_ONLY 'Content-Type' found without required
> MIME headers
> 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid
> 1.0 BODY_URI_ONLY Message body is only a URI in one line of text or
> for an image
> 0.0 T_REMOTE_IMAGE Message contains an external image
>
> The attached message when I open it starts:
>
> =23outlook A =7B PADDING-BOTTOM: 0px; PADDING-LEFT: 0px; PADDING-RIGHT:
> 0px=
> ; PADDING-TOP: 0px =7D
> BODY =7BPADDING-BOTTOM: 0px; MARGIN: 0px; PADDING-LEFT: 0px; WIDTH: 100% =
> =21important; PADDING-RIGHT: 0px; PADDING-TOP: 0px; -webkit-text-size-adjus=
> t: 100%; -ms-text-size-adjust: 100%
> =7D
> =7D =20
>
>
> I added whitelist_auth comixology.com to local.cf and still had issues, so I
> also added whitelist_from comixology.com, but messages are still tagged as
> spam.
>
> From: Comics by comiXology
>
> But the message are actually coming from amazon.com. I have these references
> to amazon in local.cf
>
> adsp_override amazon.com custom_high
> adsp_override amazon.com
> whitelist_auth *@amazon.com
>
> (not sure about the first two lines, don't recall those settings)
>
>
>
I would recommend using this if they hit SPF_PASS or DKIM_VALID_AU
whitelist_auth *@*.comixology.com
If they don't have good SPF or DKIM like this one, then use:
whitelist_from_rcvd *@*.comixology.com amazonses.com
The "amazonses.com" would be the part of the sending mail server's name
when it has good FCrDNS. If that mail server doesn't have good FCrDNS,
then use:
whitelist_from_rcvd *@*.comixology.com [ip.ad.dr.ess]
whitelist_from should be the last option and I only use it on a full
email address that is very unique so spammers won't be able to match
that by accident from any source server or IP address.
--
David Jones