Hi, > Does your pop-before-smtp method cause your MTA to indicate they've been > authed in the Received: header?
I don't believe so. There doesn't appear to be anything additional in the header relating to pop-b4-smtp. I'm using postfix. Perhaps off-topic, but ideas on how to do this, if you think it would be the right approach? >> I also don't understand how SPF_SOFTFAIL could happen when there >> wasn't any SPF record to test to begin with. >> > Are you sure? What was the envelope from domain for the message? (keep > in mind, this checks the envelope from, not the from header..) No, I'm not sure. I just don't see anything relating to SPF in the message at all. > Some of DCC's signatures are "fuzzy", thus will match similar messages > with minor differences. This is done to avoid spammers bypassing by Yes, understood. The "fuz1" and "fuz2" max settings are "999999", which I assume is the max possible, set by the previous admin. > As for dealing with it: > whitelist Marriott at the SA level (as you suggest) > whitelist Marriott at the dcc level > remove or severely cut back the score of AE_DETAILS_WITH_MONEY, if > you ever actually expect to get important email about traveling to the UAE. I've whitelisted the Marriott address. I also actually removed the rule entirely, and just relying on John's excellent lotsa and fillform rules. Thanks very much. Best, Alex
