This little pearl got through upstream filter on a mailing list. https://pastebin.com/JhDGvAAA
I show the body only, but the MIME headers were: Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Also: From: yourfrugalstore <cont...@yourfrugalstore.club> Message-ID: <88ca9f91-131f-e584-3331-074c5139c...@yourfrugalstore.club> My scores for it were: RCVD_IN_DNSWL_MED=-2.3,SPF_HELO_PASS=-0.0,MAILING_LIST_MULTI=-1.0,TOTAL=-3.3 Here is my user_prefs file: # This one disables Bayes. If you want to use Bayes remove or comment # out this line. You'll need to manage your Bayes database with a # cronjob or something. I can help but I won't do the last tiny detail. use_learner 0 # This means spamassassin will just add headers to the message, and not # wrap it as an attachment in a new message. report_safe 0 # Tells spamassassin which Received headers it can trust not to be # forged. In our case, it is a single address, the public address of # the server. clear_trusted_networks trusted_networks 12.34.56.78/32 # This is not really needed but I included it to be explicit clear_dns_servers dns_server 127.0.0.1 # Set the backend library for geoip functionality country_db_type GeoIP Where are all the other scores? I would have expected at least something for bit.ly and for the misspelled closing line, which is a dead spam give-away to a human ... I have run spamassassin -D on it and everything seems to work as designed i.e. the tests including URIBL run fine, they just don't catch anything. It's disappointing. Maybe the KAM rules would have got this one? -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com.
