On 07/24/2018 11:10 PM, chuckee wrote:
> I'm from a reasonably large ESP and we handle all types of emails being sent via our servers. We've noticed a change with SpamAssassin in the last few days/weeks which is causing problems. The following 2 rules are causing these problems:
>
> 3.5 HDR_ORDER_FTSDMCXX_DIRECT Header order similar to spam
> 2.0 MIMEOLE_DIRECT_TO_MX MIMEOLE + direct-to-MX
Feel free to set these scores to zero or 0.01 for a quick fix to your solution while this gets sorted out.
> The high scoring first rule, especially, is causing problems, and is triggered if a sender is sending emails from Windows Live Mail (it seems to be just this email client), and their email only has 1 'Received from' header. As an ESP we can confirm that it is extremely common for ESPs to strip out 'Received from' headers - if we didn't, then many recipient mail servers reject emails because they look at the (often bad) reputation of the IP address of the sender and judge an email on that. For example, if a sender is sending an email from a hotel, their email would be judged based on the reputation of the hotel's IP address (which is a ridiculous scenario). We can confirm that Barracuda is one such email filter that does this.
You shouldn't have to strip out Received headers to prevent legit emails from getting rejected. Either this is from using too aggressive RBLs or you need to add to your trusted_networks to look past some Received headers. Another option I use is to make meta rules for certain OK Received headers to subtract a few points.
> As such, both of the above rules (in our opinion) should not be in place. ESPs must strip out received headers to prevent legitimate emails from getting rejected. If we leave them in to cater for those SpamAssassin rules then many emails will get rejected based on reputation checks of the sender's own IP address (which is against proper email protocol, but has been happening ever since email was invented and will continue to happen). What can be done to influence whoever made these recent rule changes to revert things back to how they were?
I guess someone needs to look back through the SVN commits to see when this was introduced.
> Thanks
I filter for about 60,000 mailboxes and I don't see any hits in my mail logs for either of those rules in the past 3 days on my production mail flow.
-- David Jones
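
The three adjustments suggested in the reply above, written out as a SpamAssassin `local.cf` fragment. This is an added example, not configuration posted by either participant; the `LOCAL_` rule names, the hostname `relay.example.net` and the network `192.0.2.0/24` are placeholders to replace with your own values.

```conf
# --- Option A: temporary quick fix -------------------------------------
# Uncomment to neutralise the two rules named in the thread. Use 0.01
# rather than 0: a score of 0 disables the rule entirely, so it no longer
# shows up in reports and cannot be referenced by the meta rule below.
#score HDR_ORDER_FTSDMCXX_DIRECT 0.01
#score MIMEOLE_DIRECT_TO_MX      0.01

# --- Option B: trust your own relay hop --------------------------------
# Lets SpamAssassin look past the Received header added by a relay you
# operate, so RBL checks are applied to the hop before it.
# 192.0.2.0/24 is a placeholder documentation range.
trusted_networks 192.0.2.0/24

# --- Option C: meta rule that offsets the hit for known-good relays ----
# Sub-rule (double underscore = no score of its own): the message carries
# a Received header stamped by a relay you recognise (placeholder name).
header   __LOCAL_OK_RCVD       Received =~ /\bby relay\.example\.net\b/i

# Fire only when one of the direct-to-MX rules hit AND the relay matched,
# so the offset never applies to mail that would not have been penalised.
meta     LOCAL_OK_RCVD_DIRECT  (__LOCAL_OK_RCVD && (HDR_ORDER_FTSDMCXX_DIRECT || MIMEOLE_DIRECT_TO_MX))
describe LOCAL_OK_RCVD_DIRECT  Direct-to-MX pattern but relayed by a known-good host
# Received headers can be forged by the sender, so subtract only a few
# points and never enough to whitelist the message outright.
score    LOCAL_OK_RCVD_DIRECT  -2.0
```

Run `spamassassin --lint` after editing to catch syntax errors before reloading the filter.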