(Instances of html have been changed to htnl in this message to avoid tripping the rule I'm talking about.)
A legit message arrived at my server, for me and another user, and it
scored 8 for them and I think about 11 for me. This is really unusual.
The big issues were:
Sent by sendgrid: points from KAM and from URIBL_GREY both, each
reasonable separately and I think URIBL_GREY newly lists sendgrid.
From: was someone's (class teacher) gmail address, but it got sent out
via sendgrid via a schoool, and there was no DKIM, so it lit up all
sorts of FREEMAIL_FORGED, From:/env mismatch with freemail, ought to
have DKIM from google and doesn't.
So I wrote to the person because they probably had no idea, and exlained
the above and added some other "deliverabilty hygiene" :-) comments:
> with more minor issues:
>
> The message is html only, rather than also having text/plain.
>
> The message body doesn't have enclosing <htnl> </htnl> tags, so it is
> malformed.
and then I got a reply back with the content he was trying to send etc.
But, it had:
* 2.5 CONTENT_AFTER_HTML More content after HTML close tag
but one was only text/plain and I could see nothing wrong. reading
72_active.cf I found:
rawbody __CONTENT_AFTER_HTML /<\/htnl>\s*[a-z0-9]/i
which fires on a text/plain part that discusses html formatting!
So I'll be reducing that score...
signature.asc
Description: PGP signature
