It's not just mailing lists. Another FP I have seen here is that FedEx usually sends tracking e-mails that have "forged" From: and To: fields. So when [EMAIL PROTECTED] sends a package confirmation to [EMAIL PROTECTED] you'd hit this rule.
:-( I agree that with a low score and perhaps in meta rules with stronger spam signs it could be useful. Balam -----Original Message----- From: Barham, Ted [mailto:[EMAIL PROTECTED] Posted At: Thursday, August 12, 2004 4:02 PM Posted To: SATalk Conversation: Rule Writing Subject: RE: Rule Writing Hi all, I may have missed something in this thread, having just joined the maillist. So forgive me if this has already been discussed or what I am saying doesn't make sense with what y'all are talking about. :) I ran into a similar problem when I tried to blacklist all mail from our companies domain name (pse.com) that was received on the external MX servers. Our internal email should never hit these MX servers and I listed a few IPs as Trusted Networks where I knew mail would come from. It worked fine, but only problem with this was the From or Return-Path fields are often modified by maillists (which I discovered after I implemented this and had to change it back). So you won't get your own posts to maillists and no one will see any posts to maillists that other people in the same company sent. I think you may have a similar problem with the rule your writing. If the score is kept low, it may push Spam over the threadhold and still allow real email from maillists through.
