ScamNailer False Positives

Jules Field MailScanner at
Wed Sep 12 13:43:40 IST 2012

On 12/09/2012 11:19, M A Young wrote:
> On Tue, 11 Sep 2012, Dan H. Eicher wrote:
>> I'm in the process of transitioning from:
>> Solaris+amavisd+postfix+dovecot+procmail -to-
>> Redhat 6.3+MailScanner+postfix+dovecot+procmail
>> I thought I would try here, as sanesecurity points me to:
>> scamnailer at - Julian Field for issues with Scamnailer.
>> Almost all the emails I get from UFL's helpdesk are marked as:
>> “” and quarantined.
> You need to work out what ScamNailer is objecting to, also whether the 
> scamnailer version and the data you are working from is up to date.
> If an address is listed incorrectly, I believe the scamnailer data 
> originates from so 
> you could look there to get false positives and no-longer-positives 
> removed (Help Desk addresses can be used in spam so it might have been 
> listed legitimately).
Only a bit of the ScamNailer data comes from there. Most of it is 
derived elsewhere entirely.

If you hit false positives, please report them to 
scamnailer at



Julian Field MEng CITP CEng

Buy the MailScanner book at
Need help customising MailScanner? Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at

'Teach a man to reason, and he will think for a lifetime.' - Phil Plait
'All programs have a desire to be useful' - Tron, 1982

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list