It seems like it too high a negative score. On 3/20/2023 1:24 PM, Reindl Harald wrote:
Am 20.03.23 um 18:17 schrieb Mark London:Can someone tell me why this paypal phishing email, managed to trigger USER_IN_DEF_SPF_WL? Or put it another way. Why wasn't it detected as a phishing email? Thanks.Becasue it was a SPF hit and the envelope sender is in USER_IN_DEF_SPF_WL? frankly - what else do you expect to hear?
