Thanks Matus. This is a good place to debate, thank you. Here is my response on the ticket:
Outlook express ended production in June 2006. I'm not sure how much weight we can give to an email sent with it. The issue is at HDR_ORDER_FTSDMCXX_NORDNS with __RDNS_NONE. RDNS is an expected technology to setup a working mail server on the internet. Fix that and you have nearly 5 point swing on your email as well as likely more negative scoring rules will fire. Your focus on ALL_TRUSTED implies to me this is 100% internal mail. Is that correct? Regards, KAM -- Kevin A. McGrail VP Fundraising, Apache Software Foundation Chair Emeritus Apache SpamAssassin Project https://www.linkedin.com/in/kmcgrail - 703.798.0171 On Thu, Aug 30, 2018 at 9:14 AM, Matus UHLAR - fantomas <[email protected]> wrote: > Hello, > > the __HDR_ORDER_FTSDMCXXXX rule catches mail sent from windows live mail > (and outlook express, which, while obsolete, seems to be still used often) > > That further causes hitting HDR_ORDER_FTSDMCXX_DIRECT and > HDR_ORDER_FTSDMCXX_NORDNS in cases where client uses the mail client on > local network, without SMTP authentication, and without DNS (which may be > quite common in some organizations). > > as a workaround, I recommend to add && !ALL_TRUSTED to > HDR_ORDER_FTSDMCXX_DIRECT and HDR_ORDER_FTSDMCXX_NORDNS rules. > > an example: > > X-Spam-Status: Yes, score=9.154 required=5.6 tests=[ALL_TRUSTED=-1, > DOS_OE_TO_MX=3.086, FSL_HELO_NON_FQDN_1=0.001, > HDR_ORDER_FTSDMCXX_DIRECT=1.999, HDR_ORDER_FTSDMCXX_NORDNS=3.5, > HTML_MESSAGE=0.001, MIMEOLE_DIRECT_TO_MX=0.293, RDNS_NONE=1.274] > autolearn=no autolearn_force=no > X-Mailer: Microsoft Outlook Express 6.00.2900.5931 > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157 > > I have filled out bug 7607, it got rejected immediately: > > https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7607 > > > while I agree that fixing RDNS will help, internal networks DNS is not > always easy, especially when maintained by different people and when > internal DNS is in LAn, not in DMZ. > > > note that this problem has been reported on spamassassin-users a month ago: > > http://spamassassin.1065346.n5.nabble.com/Problem-with-new- > rules-td152105.html > > > So, to avoid discussions on bugzilla, I prefer asking here: > > Is it really a problem to add && !ALL_TRUSTED to HDR_ORDER_FTSDMCXX_DIRECT > and HDR_ORDER_FTSDMCXX_NORDNS ? > > (maybe even HDR_ORDER_FTSDMCXX_001C and HDR_ORDER_FTSDMCXX_BAT, if their > score will be more than zero) > -- > Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > 99 percent of lawyers give the rest a bad name.
