On 12/21, Jan Agermose wrote: > Ive not checked what other mail we are scanning that also hits this and > related rules: RP_MATCHES_RCVD - but when ever I actually do get spam on > my own mailaccount its always casino mail and always getting marked as > non-spam because of rules like this one and others that seams related > saying that the mail is trusted because of sender server/relay host. > > > > to me that sounds strange. How can all my spam come from hosts that > spamassassin thinks are nice hosts :) ?
The description of RP_MATCHES_RCVD isn't the clearest, or at least not most consistent with wording used elsewhere in SA. It looks like that rule means that the "envelope from" (which is where the remote SMTP server says the email is from, not the From: header, and generally not included in mail headers) matches the domain of the "last untrusted relay". But your question may actually be a very good one, which might, in the end, come down to: Why isn't RP_MATCHES_RCVD flagged as mutable and having optimal scores generated based on masscheck data? Its rank, and S/O, are not particularly impressive: http://ruleqa.spamassassin.org/?daterev=20111217&rule=RP_MATCHES_RCVD Also, as others have hinted at, you probably shouldn't use the words "trusted relay" unless you're specifically referring to the SA setting trusted_networks. That term has a specific meaning, and using it when talking about something else is confusing. -- "He who dies with the most toys... still dies." - No Fear http://www.ChaosReigns.com
