Arne Jensen <darkde...@darkdevil.dk> writes: > Den 12-11-2021 kl. 00:43 skrev Loren Wilton: >> I have to admit I'd never paid much attention to the RCVD_IN_DNSWL_* >> scores on spam before. > [...] >> Looking at spam for last month, [...] >> >> But I do have 12 pretty blatent spams that hit RCVD_IN_DNSWL_HI. >> It makes me wonder just how useful a rule it is. > A pretty blatant misconfiguration of a mail server (and/or the system > running same), can unfortunately lead to various negative side > effects.
Loren might want to check about spam received by mailinglists. I have seen spam sent to lists and then delivered to me, so that it arrives from the MTA of the org running the list. Adding that to trusted_networks moves the check points earlier and avoids treating the mail as good because it came from the list. Of course, it would be better if the list were set up for both spam filtering and rejecting non-member posts, and machines that host lists that send spam probably aren't in DNSWL anyway. Thanks for all the confirmations for what isn't listed. I have always had the view that DNSWL runs a tight ship (and fairly too), and I continue to feel that -2.3 for MED is a reasonable score.
signature.asc
Description: PGP signature
