On Mon, Feb 19, 2018 at 3:20 PM, John Hardin <jhar...@impsec.org> wrote:
> On Mon, 19 Feb 2018, Rupert Gallagher wrote:
>> Whatever you do, just do not ask others to blacklist Alibaba
> Are those getting hits on SPOOFED_FREEM_REPTO_CHN?
> Perhaps just bump the score for that locally?
KAM's rules are still setting FORGED_YAHOO_RCVD to zero, invalidating
that rule for me. Perhaps he doesn't know the rule was removed or
Feb 19 17:37:29 mail01 amavis: SA info: rules: meta test
SPOOFED_FREEM_REPTO_CHN has dependency 'FORGED_YAHOO_RCVD' with a zero
Is there anything further that needs to be done wrt this rule, or does
it now just work as expected?
He's also got KAM_GRABBAG5 and KAM_UAH_YAHOOGROUP_SENDER also being
affecting by FORGED_YAHOO_RCVD.