Large emails being tagged as spam - false positives
Matt Kettler
mkettler at evi-inc.com
Fri Sep 29 00:25:35 IST 2006
Gordon Colyn wrote:
> Here is an example, a legitimate 6.9M email that is classified as spam;
>
> cached not
> score=8.424
> 8 required
> -3.00 BAYES_00 Bayesian spam probability is 0 to 1%
> 0.14 FORGED_RCVD_HELO Received: contains a forged HELO
> 0.00 HTML_MESSAGE HTML included in message
> 1.82 MISSING_SUBJECT Missing Subject: header
> 2.60 RCVD_IN_DSBL Received via a relay in list.dsbl.org
> 1.95 RCVD_IN_NJABL_DUL NJABL: dialup sender did non-local SMTP
> 0.72 RCVD_IN_NJABL_PROXY NJABL: sender is an open proxy
> 2.05 RCVD_IN_SORBS_DUL SORBS: sent directly from dynamic IP address
> 2.16 RCVD_IN_SORBS_SOCKS SORBS: sender is open SOCKS proxy server
>
Question: Have you checked your trust path?
If this message wasn't direct-delivered to your network from a home-user type
machine, and was properly relayed through an ISP's mailserver, then you likely
have a broken trust path.
You can fix this by manually declaring a trusted_networks.
See:
http://wiki.apache.org/spamassassin/TrustPath
More information about the MailScanner
mailing list