The envelope from is what the connecting MTA uses. The 'From:' header comes in the DATA phase of SMTP so it could be anything or even missing. If you view the received headers in your email you should be able to determine which type of spoofed from you have. No shortage of solutions for sure.Īssuming you are talking about spoofed from's and not envelope from's. I was looking at mailscanner given a few of the spamassassin developers like to use it to feed spamassassin more data. I saw that Bill posted something about rspamd which I hadn't seen before. Again, just a small fraction of the score since blacklists like zen and sorbs can at time have gmail listed. That was my change to dnsbl-milter so that we could see how many blacklists some of these incoming connections were on. Again these are only parts of a larger scoring engine so country lookups are a very small part unless they are on 3 or 4 other blacklists. I list the countries I am interested in and anything else gets a header we use later. Blackmilter has a very fast lookup in comparison to DNS lookups so I went with that after rewriting the cidr's into /8, /16, and /24. My milter stuff is on sendmail and I have modified both blackmilter and dnsbl-milter.
Previously, I was content with just a few custom rules but the current set of rules let in too much spam and created too many false positives. One thing that has come out of this is that customization for your mix of spam is what I believe the spamassassin community expects you to do. I would be interested if others have found spam to be a bigger problem in the past 2-3 months. We did add a milter to add headers of various BL's and then score the message on aggregate with additional envelope and other meta checks. I would like to think we are in the business of delivering email not rejecting email so simply choosing more blacklists when spam seems to be winning isn't as helpful. It's a mess and its a lot of work but it's rewarding work to increase accuracy for your users, delivery email and tag spam. For us HTML_FONT_LOW_CONTRAST needed to work better or bayes was at risk. We found once we got in there, the more we changed the more problems that existed. They obviously have a deeper understanding of their system than I do.
#Mail pilot spam update
I tried to update HTML.pm with the patches to their spamassassin developers group but believe they see my changes as a start to opening a can of worms and have not confirmed my bug. My initial thought process was to get these patches in the main trunk of spamassassin but that is proving difficult. I would love to get some of these patches into Zimbra but spam is a very specialized thing these days so what works for someone isn't best for everyone. Our clients don't want false positives and they want all their email so it's been a battle for the past few months. I wanted more reputation checks based on the structure, envelope, etc. I began following both the developers and users spamassassin mailing groups but none of what I am seeing appears to be a priority that I have seen or we are the only one with this type of problem. I recently started to mark incoming connections from foreign countries (! US/CANADA/UK/IE ) to help us make additional choices with certain types of tracking spam for one customer that is US based for their email mix.
#Mail pilot spam full
Previously, I had just a few rules but now find myself in full development mode. Curious that the only positive ratings are from new accounts with 1 review.I don't know the answer, but in the end I wrote a few plugin's, modified a few sendmail milters that are in the front end on a different machine to add some headers so spamassassin could score better. On top of that when reporting the issue, instead of being grateful for a 'free' feedback they are getting argumentative wasting time on showing you everything is fine on their end instead of trying to solve the issue. With prospects/ leads the situation is even worse and you are not 'aware' that they were supposed to send you anything (so you do not follow up, by phone/ any other medium), which makes you not receive their messages, and they thinking you are not responding/ not being interested. They are a real pain for a communication even between you and your existing clients that you are maintaining regular email exchanges (so it should be clear that both me and the counterpart are interested in receiving and reading our emails). They let the sender send the email with a 'spam/ suspicious link' and then they bounce-back any intent to respond (as it already contains the 'link' send originally by a sender (that they let in). Illogical moves and useless customer service As reported in other reviews, their service has an unacceptably high rate of false-positives.
0 kommentar(er)
