On Mon, Feb 19, 2018 at 3:20 PM, John Hardin <jhar...@impsec.org> wrote:
> On Mon, 19 Feb 2018, Rupert Gallagher wrote:
>> Whatever you do, just do not ask others to blacklist Alibaba
> Are those getting hits on SPOOFED_FREEM_REPTO_CHN?
> Perhaps just bump the score for that locally?

KAM's rules are still setting FORGED_YAHOO_RCVD to zero, invalidating
that rule for me. Perhaps he doesn't know the rule was removed or
otherwise handled?

Feb 19 17:37:29 mail01 amavis[30049]: SA info: rules: meta test
SPOOFED_FREEM_REPTO_CHN has dependency 'FORGED_YAHOO_RCVD' with a zero

Is there anything further that needs to be done wrt this rule, or does
it now just work as expected?

He's also got KAM_GRABBAG5 and KAM_UAH_YAHOOGROUP_SENDER also being
affecting by FORGED_YAHOO_RCVD.

Reply via email to