On 10/9/18 2:21 PM, RW wrote: > > I've recently noticed that newsletters from a small wordpress site are > hitting USER_IN_DEF_SPF_WL. > > The headers are of the form: > > Return-Path: <me=example....@b.wordpress.com> > ... > To: m...@example.com > From: Some Amateur Website <donotre...@wordpress.com> > > and the use of the bounce handling subdomain b.wordpress.com is > causing a match on: > > def_whitelist_auth *@*.wordpress.com > > Theses emails are legitimate, and I've not had much wordpress spam, but > they are essentially freemail bulk mail. >
I am not understanding the question or issue. If they 1) don't send spam, 2) only send opt-in email with a valid opt-out option and 3) they quickly handle any abuse reports then they should be considered a trusted sender. Since these are system-generated emails and not real human mailboxes that can be compromised to send spam, then that def_whitelist_auth entry is safe. Once we find evidence that any def_whitelist_auth sender fails to follow all 3 rules above then post an example here via pastebin.com and we will take appropriate action. -- David Jones