Upgrade to 4.79.11
Martin Hepworth
maxsec at gmail.com
Thu Jul 22 08:42:54 IST 2010
On 21 July 2010 20:15, <derek.winkler at algorithmics.com> wrote:
> I just upgraded from 4.69.9 to 4.79.11, SA from 3.2.5 to SA 3.3.1.
>
>
>
> Everything lints fine, can’t find any problems.
>
>
>
> I’m getting spam that when processed by MS scores quite low,
>
>
>
> X-Algo-MailScanner-SpamCheck: not spam, SpamAssassin (score=0.5,
>
> required 4.5, autolearn=disabled, RCVD_IN_BRBL 0.50)
>
>
>
> but when tested with SA within minutes on the same server scores quite
> high,
>
>
>
> Content analysis details: (23.7 points, 5.0 required)
>
>
>
> pts rule name description
>
> ---- ----------------------
> --------------------------------------------------
>
> 0.5 RCVD_IN_BRBL RBL: Received via a relay in BRBL
>
> [198.7.242.169 listed in
> b.barracudacentral.org]
>
> 1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
>
> [Blocked - see <
> http://www.spamcop.net/bl.shtml?198.7.242.169>]
>
> 1.6 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT
>
> [198.7.242.169 listed in
> bb.barracudacentral.org]
>
> 0.7 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
>
> [198.7.242.169 listed in zen.spamhaus.org]
>
> 2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
>
> [198.7.242.169 listed in psbl.surriel.com]
>
> 4.5 URIBL_AB_SURBL Contains an URL listed in the AB SURBL
> blocklist
>
> [URIs: erectgardiner81b.ru]
>
> 1.7 URIBL_WS_SURBL Contains an URL listed in the WS SURBL
> blocklist
>
> [URIs: erectgardiner81b.ru]
>
> 1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL
> blocklist
>
> [URIs: erectgardiner81b.ru]
>
> 1.7 URIBL_DBL_SPAM Contains an URL listed in the DBL blocklist
>
> [URIs: erectgardiner81b.ru]
>
> -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
>
> domain
>
> 0.9 SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record (softfail)
>
> 0.6 URIBL_SBL Contains an URL listed in the SBL blocklist
>
> [URIs: erectgardiner81b.ru]
>
> 0.0 HTML_IMAGE_ONLY_32 BODY: HTML: images with 2800-3200 bytes of
> words
>
> 0.6 HTML_IMAGE_RATIO_04 BODY: HTML has a low ratio of text to image
> area
>
> 0.0 HTML_MESSAGE BODY: HTML included in message
>
> 1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
>
> 2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
>
> above 50%
>
> [cf: 100]
>
> 0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
>
> [cf: 100]
>
> 0.4 RDNS_DYNAMIC Delivered to internal network by host with
>
> dynamic-looking rDNS
>
> 0.0 T_SURBL_MULTI2 T_SURBL_MULTI2
>
> 0.0 T_SURBL_MULTI1 T_SURBL_MULTI1
>
>
>
> Any ideas why?
>
>
>
> Using Sendmail on RHEL4.
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
Derek
I'd check your mailscanner is checking against the correct spamassassin and
not using cruft from the old version.
--
Martin Hepworth
Oxford, UK
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20100722/ca06af92/attachment.html
More information about the MailScanner
mailing list