On Sat, 10 Jan 2026, Bill Cole wrote:
Oops, these rules are in John Hardin's testing sandbox, so I will let him do
the fix.
I expect something like these subrules added as exclusions to the
SHOPIFY_IMG_NOT_RCVD_SFY meta-rule will do the trick:
describe __HDR_RCVD_KLAYVIO Has a Klayvio machine in the Received
headers
header __HDR_RCVD_KLAYVIO X-Spam-Relays-External =~
/\srdns=\S+\.klayvio\.com\s/
describe __HDR_SGEID Has Sendgrid EID header
header __HDR_SGEID exists:X-SG-EID
describe __HDR_SGID Has Sendgrid ID header
header __HDR_SGID exists:X-SG-ID
describe __HDR_SGIDS Has both Sendgrid ID headers
meta __HDR_SGIDS __HDR_SGEID && __HDR_SGID
And the replacement meta with new FP prevention:
meta __SHOPIFY_IMG_NOT_RCVD_SFY __URI_IMG_SHOPIFY &&
! __HDR_RCVD_SHOPIFY && !__HDR_ENVFROM_SHOPIFY && !__HDR_RCVD_KLAYVIO &&
! __HDR_SGIDS
Pretty much what I was going to do. I'm less trusting of sendgrid, though,
as I regularly get spam via them, so I'm only adding Klayvio.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[email protected] pgpk -a [email protected]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Warning Labels we'd like to see #1: "If you are a stupid idiot while
using this product you may hurt yourself. And it won't be our fault."
-----------------------------------------------------------------------
7 days until Benjamin Franklin's 320th Birthday
