Once again, I'm finding a piece of spam getting through
because of RCVD_IN_DNSWL_MED=-4 .....
Is this just the 'occasional' FP that we have to live with?
Or should I rethink scoring that DNSWL?
According to the headers, it looks like an end user of a web mail account
had their password hacked (probably they were stupid and answered one of
those 'send us your password' phishing mails). So I think the ISP has
a rep worthy of the WL. But are we jsut opening the door to allowing
spam as spammers target whitelisted systems to break into? Is there such a
thing as too much whitelisting?
- Charles