I'm having a problem with a spammer who is using Google Groups as a
base. They manage to re-subscribe people, etc., and it's hosted on a
private domain, so I can't get to the panel to report the domain.
In any case, I wrote a couple of simple rules in user_prefs that
/should/ match, but they don't. I set the score really high, so it
would get rejected by spamass-milter. Here they are:
header SPAM_MARKETEERS1 To =~/emarketeerz/
describe SPAM_MARKETEERS1 Spam from a Google Group
score SPAM_MARKETEERS1 1000
header SPAM_MARKETEERS2 To =~/mktg.mgrr\@outlook.com/
describe SPAM_MARKETEERS2 Spam from a Google Group
score SPAM_MARKETEERS2 1000
header SPAM_MARKETEERS3 From =~/mktg.mgrr1\@outlook.com/
describe SPAM_MARKETEERS3 Spam from a Google Group
score SPAM_MARKETEERS3 1000
I have other similar tests that check the Subject that I've used before
that work, but they change the subject line here.
I don't understand why these are not working. Here is a sample SMTP
header from a message today (sanitized):
Return-Path: <mktg42+bncbdfyxd7ermlrb7vj62vakgqehmpq...@emarketeerz4.com>
Received: from domain.com ([unix socket])
by mail.domain.com (Cyrus v2.4.17-Invoca-RPM-2.4.17-7) with LMTPA;
Thu, 21 May 2015 04:19:17 -0400
X-Sieve: CMU Sieve 2.4
X-Envelope-From: mktg42+bncbdfyxd7ermlrb7vj62vakgqehmpq...@emarketeerz4.com
X-Envelope-To: <u...@domain.com>
X-Originating-IP: 209.85.223.198
Received: from mail-ie0-f198.google.com (mail-ie0-f198.google.com
[209.85.223.198])
by domain.com (envelope-from
mktg42+bncbdfyxd7ermlrb7vj62vakgqehmpq...@emarketeerz4.com)
(8.13.8/8.13.8) with ESMTP id t4L8J9EZ005720
(version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=FAIL)
for <u...@domain.com>; Thu, 21 May 2015 04:19:15 -0400
Received: by ieqf18 with SMTP id f18sf6062788ieq.3
for <u...@domain.com>; Thu, 21 May 2015 01:19:10 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:message-id:content-type:reply-to:from:to:subject
:date:importance:in-reply-to:references:mime-version
:x-original-sender:x-original-authentication-results:precedence
:mailing-list:list-id:list-post:list-help:list-archive
:list-subscribe:list-unsubscribe;
bh=vd0EI/d4aRTHygvZym5oYdFiNaokMVBCCwLaW2YDBbk=;
b=N0JuamZ7K1VJxDBmc2PHkDiDEhpSvycYOZcCuxGZ0dpJWjolbLBOsUbslPrBb3z8CJ
YwkDI/8VLtPQ5Ks4raPUuScVsAhCSUBUsdfnVFqoDLW2Qg1eEfpBPbWi3BZ25d+1HTh2
8lnAuDd22OZVUuNJZicBPlzn3xCsmsWWP0sKVrfxMfDKoRteBekbdXDXLPWd6I5JlA7D
cP7AToZ4aKzgMR6WzMXciwHH0bzbraRMs+OB9H8P4MKyX7PtEWahebkzLc2lPpHtvNoL
eD7iKbM11GmWSILlS2eOXF2kybdlT1bXW/QHrBGVbtdVtZZvOjX5vZNbqJuPHAr3ijGv
OeTQ==
X-Gm-Message-State:
ALoCoQkamrP9SDnCBg35yuNH/PYh6G7Jw+eFrhEazO/NeF9OO0NPwQ8abSTcSLlL9FOLi03BMKiK
X-Received: by 10.42.107.76 with SMTP id c12mr2608456icp.11.1432196350333;
Thu, 21 May 2015 01:19:10 -0700 (PDT)
X-BeenThere: mkt...@emarketeerz4.com
Received: by 10.107.153.1 with SMTP id b1ls887746ioe.70.gmail; Thu, 21 May
2015 01:19:10 -0700 (PDT)
X-Received: by 10.66.100.163 with SMTP id ez3mr1895951pab.38.1432196349518;
Thu, 21 May 2015 01:19:09 -0700 (PDT)
X-BeenThere: grou...@emarketeerz4.com
Received: by 10.182.85.197 with SMTP id j5ls515966obz.56.gmail; Thu, 21 May
2015 01:19:09 -0700 (PDT)
X-Received: by 10.202.186.214 with SMTP id
k205mr1260309oif.10.1432196349210;
Thu, 21 May 2015 01:19:09 -0700 (PDT)
Received: from SNT004-OMC3S33.hotmail.com (snt004-omc3s33.hotmail.com.
[65.55.90.172])
by mx.google.com with ESMTPS id
a9si1190911obj.64.2015.05.21.01.19.09
for <grou...@emarketeerz4.com>
(version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
Thu, 21 May 2015 01:19:09 -0700 (PDT)
Received-SPF: pass (google.com: domain of mktg.mg...@outlook.com
designates 65.55.90.172 as permitted sender) client-ip=65.55.90.172;
Received: from SNT150-W71 ([65.55.90.135]) by SNT004-OMC3S33.hotmail.com
over TLS secured channel with Microsoft SMTPSVC(7.5.7601.22751);
Thu, 21 May 2015 01:19:08 -0700
X-TMN: [lOyh6+qghnQRcL1M157wD1Dyw+k8u6uD]
X-Originating-Email: [mktg.mg...@outlook.com]
Message-ID: <snt150-w710525b4ff936755f4f8d8dc...@phx.gbl>
Content-Type: multipart/related;
boundary="_eb2160ae-fe52-4714-8f5b-445336a30ab3_"
Reply-To: <inquiry-sa...@outlook.com>
From: E- Marketeers <mktg.mg...@outlook.com>
To: "grou...@emarketeerz3.com" <grou...@emarketeerz3.com>
Subject: Global Holidays Travel And Tours Online Booking
Date: Thu, 21 May 2015 08:19:08 +0000
Importance: Normal
In-Reply-To: <snt150-w95b0d58acc3991339f8dedc...@phx.gbl>
References:
<CAFGNuY8jnfa0=sW2fC4B9mF=8lcwoaqd16+vt3dq2j2bsxi...@mail.gmail.com>,<snt150-w95b0d58acc3991339f8dedc...@phx.gbl>
MIME-Version: 1.0
X-OriginalArrivalTime: 21 May 2015 08:19:08.0745 (UTC)
FILETIME=[CF665390:01D0939E]
X-Original-Sender: mktg.mg...@outlook.com
X-Original-Authentication-Results: mx.google.com; spf=pass
(google.com:
domain of mktg.mg...@outlook.com designates 65.55.90.172 as permitted
sender)
smtp.mail=mktg.mg...@outlook.com; dmarc=pass (p=NONE dis=NONE)
header.from=outlook.com
Precedence: list
Mailing-list: list mkt...@emarketeerz4.com; contact
mktg42+own...@emarketeerz4.com
List-ID: <mktg42.emarketeerz4.com>
X-Google-Group-Id: 346729582280
List-Post:
<http://groups.google.com/a/emarketeerz4.com/group/mktg42/post>,
<mailto:mkt...@emarketeerz4.com>
List-Help:
<http://support.google.com/a/emarketeerz4.com/bin/topic.py?topic=25838>,
<mailto:mktg42+h...@emarketeerz4.com>
List-Archive: <http://groups.google.com/a/emarketeerz4.com/group/mktg42/>
List-Subscribe:
<http://groups.google.com/a/emarketeerz4.com/group/mktg42/subscribe>,
<mailto:mktg42+subscr...@emarketeerz4.com>
List-Unsubscribe:
<mailto:googlegroups-manage+346729582280+unsubscr...@googlegroups.com>,
<http://groups.google.com/a/emarketeerz4.com/group/mktg42/subscribe>
Can someone point out what I'm doing wrong with the above rules?
Thanks!
