On 15-06-16 00:13, Linda A. Walsh wrote:
>
>
> spamassas...@linkcheck.co.uk wrote:
>> The code below is found in several places online and for some months I
>> have been trying to get it to work, but whatever I do it flags up Fail
>> even if the source is good. Typically I have been concentrating on
>> gmail: from known good contacts I always get NOTVALID_GMAIL (I have
>> reduced the scores to 0.01 to avoid false rejections). Is this code
>> known to fail or is it something I'm doing wrong?
>>
>> Spamassassin version: 3.3.2
>> Perl version: 5.14.2
>> OS: Linux Mint 13
>> =============
>> The section header for the code runs...
>>
>> "penalize mail claiming to be from PayPal, eBay, Yahoo or Gmail but
>> was not signed by their official mailers:"
> ---
> Someone is mixing apples and oranges in that rule.
I think you are :)
> Mail from PayPal and eBay would be coming from those companies, AFAIK,
> not end users. Same with email from "google.com". But 'yahoo.com' and
> gmail.com are both *end-user* services. I don't know if yahoo mixes
> it's official email sendings with user-email sendings, so it might be
> an odd case,
> But on the above list, "gmail" should be replaced with "google".
The bulk of mail coming from paypal and ebat is likely transactional
mail, and the bulk of mail coming from gmail and yahoo is likely end
user mail. Mail from the company itself, or from employees, the odd
case, should have its own (sub)domain (f.i. corp.yahoo.com), which might
or might not be covered by the SA rules from OP.
I think the rules from the OP (a poor man's DMARC check) are targeted
for the bulk case, i.e. transactional and end-user mail, and employee
mail is left out of the equation (maybe not intentionally, but who
cares). The only thing that could be criticized, is the rule description
that fails to indicate that the mail "claims to be from the Yahoo!
platform" and not from the "Yahoo! company".
But in all situations, the mails are expected to be sent by the mailers
that belong to that service: if you have a gmail account, you are
expected to send mail from that account through the google smtp relay
service, which will make sure that the mail is OK with SPF, DKIM, DMARC
checks.
If you expect to have any useful mail contact by relaying mail with a
gmail/aol/yahoo sender envelope through your own mail platform, (i.e.
delivering without using their SMTP relay), you're dreaming. The
freemail providers are making that harder and harder by deploying DMARC
p=reject.
The question arises: why would you use a Gmail address at all if you
don't want to use their services?
Regards,
Tom
