Spam Assassin Rejecting Comcast Validation Emails
Greetings all. I am sure that I would be better able to diagnose this problem if I was able to capture the incident email traffic, however, at this point I have not been able to retrieve the emails. The situation is that upon registration of a new username for comcast services, which is actually an email address, when the test email comes through, it is rejected with a score of 5.2/5.0 during the handshake for my citadel implementation. I currently have citadel in the standard setup where spamassassin is used to reject email prior to accepting them, if spamassassin determines that the email is spam. I was wondering if anyone else has this issue, or if I may be able to safely edit any settings within spamassassin to be more accomidating to the comcast.net email. -- Respectfully, Martes G Wigglesworth
Re: Spam Assassin Rejecting Comcast Validation Emails
On Tue, 2010-03-02 at 11:58 -0500, MGW-Discussions wrote: I am sure that I would be better able to diagnose this problem if I was able to capture the incident email traffic, however, at this point I have not been able to retrieve the emails. Check your logs for the rules the email triggered. The situation is that upon registration of a new username for comcast services, which is actually an email address, when the test email comes through, it is rejected with a score of 5.2/5.0 during the handshake for my citadel implementation. I currently have citadel in the standard setup where spamassassin is used to reject email prior to accepting them, if spamassassin determines that the email is spam. This sounds slightly better than the Subject, which is just wrong. SA does not reject anything. :) I was wondering if anyone else has this issue, or if I may be able to safely edit any settings within spamassassin to be more accomidating to the comcast.net email. Probably hard without a sample. You could either lower some rule's score (see logs) or raise the required_score value -- temporarily at least, to let that one mail through. Rejecting at the required_score is quite risky in general. Common approach for rejecting based on SA score is to use a second, higher threshold. And keep marked spam lower than that for review. -- char *t=\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: Spam Assassin Rejecting Comcast Validation Emails
On Tue, Mar 2, 2010 at 8:58 AM, MGW-Discussions mailinglistmem...@mgwigglesworth.net wrote: Greetings all. I am sure that I would be better able to diagnose this problem if I was able to capture the incident email traffic, however, at this point I have not been able to retrieve the emails. The situation is that upon registration of a new username for comcast services, which is actually an email address, when the test email comes through, it is rejected with a score of 5.2/5.0 during the handshake for my citadel implementation. I currently have citadel in the standard setup where spamassassin is used to reject email prior to accepting them, if spamassassin determines that the email is spam. I was wondering if anyone else has this issue, or if I may be able to safely edit any settings within spamassassin to be more accomidating to the comcast.net email. -- Respectfully, Martes G Wigglesworth I personally tag at 5.0 but reject at 15.0. I'm in the process of closing the gap, but rejecting at 5.0 (depending on your personal rule set) may be a little aggressive. I know for my mail flow that there would be a lot of false positives, much like your current issue. Do the emails always come from the same from envelope? You could whitelist the from address as an easy way around this specific problem. Certainly spammers could abuse this, but hopefully it would be a temporary solution anyways. Dave
Re: Spam Assassin Rejecting Comcast Validation Emails
On 02-Mar-10 09:58, MGW-Discussions wrote: when the test email comes through, it is rejected with a score of 5.2/5.0 You are REJECTING at a score of 5.0? That's a bad idea. Generally if you run SA at transaction you will tag at a score of 5.0 through maybe 10.0 or maybe even 12.0, it is only at 12.0 that you reject the spam. (this nunmber can be any number you want, but I think it would probably be pretty foolish to make it any lower than 9.0) -- 'It's always a good thing to let a few tales spread, you know. Pour encouragy le-poor encoura-to make everyone sit up and damn well take notice.' --Eric