Spam with bogus spamassassin checks
Tiago Meireles
tmeireles at electroind.com
Wed Nov 4 21:03:14 UTC 2015
The SARE rule sets caused me a lot of headaches. Removing them fixed a significant amount of false positives on my end.
-----Original Message-----
From: MailScanner [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller
Sent: Wednesday, November 04, 2015 4:00 PM
To: 'MailScanner Discussion'
Subject: RE: Spam with bogus spamassassin checks
Are you running old SARE rule sets? The VIRUS_WARNING62 is a bit suspect - I don't have that rule in my spamassassin (3.4). Maybe it was added in 3.4.1 but
All references I found to it dated to around 2005 or 2006. SARE went away years ago.
...Kevin
--
Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357
-----Original Message-----
From: MailScanner [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of William D. Colburn
Sent: Wednesday, November 04, 2015 11:22 AM
To: mailscanner at lists.mailscanner.info
Subject: Spam with bogus spamassassin checks
We use MailScanner here, I'm at 4.85.2-3. Spamassassin is at 3.4.1.
with razor agents 2.84. We have spam leaking through that has bogus looking spamassassin results:
X-MailScanner: Found to be clean
X-MailScanner-SpamCheck: not spam, SpamAssassin (score=-0.01, required 5, autolearn=disabled, T_RP_MATCHES_RCVD -0.01)
X-Spam-Status: No
If I manually run the spam message through spamassassin it is flagged
correctly as spam. The messages are small, 2k or so, with nothing
weird in the headers that I can spot.
I've scanned the maillogs. I've tried turning on all the various debug options in MailScanner I could find. Nothing has panned out. These emails continue to leak through with no indication of why.
Does anyone have any suggestions of where I should look?
----------------------------------------------------------------------
Also, your listserve's confirmation email was considered to be spam by MailScanner.
X-MailScanner-Information: Please contact the postmaster at aoc.nrao.edu for more
information
X-MailScanner: Found to be clean
X-MailScanner-SpamCheck: spam, SpamAssassin (score=5.651, required 5,
autolearn=disabled, DKIM_SIGNED 0.10, RCVD_IN_DNSWL_LOW -0.70,
TVD_SPACE_RATIO 0.00, TVD_SPACE_RATIO_MINFP 2.75,
T_DKIM_INVALID 0.01, T_RP_MATCHES_RCVD -0.01, VIRUS_WARNING62
3.50)
X-MailScanner-SpamScore: sssss
X-MailScanner-From: mailscanner-bounces at lists.mailscanner.info
X-Spam-Status: Yes
--Schlake
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner
More information about the MailScanner
mailing list