You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by scott mccollum <mc...@medicalreimbursements.com> on 2006/04/19 15:53:39 UTC

Please explain- need quick spam education

We have a website built by a contracted programmer...  the website will send
an email (using CDOsys)....  when sending to a client with spamassassin the
email was blocked....  one of our users is copied on the email......she can
forward the email to the client and it will get through the spamassassin
filter.  I contacted the client and he added our domain to the allowed list
and now it works fine....   Can someone explain why?   
I'm not a programmer so I'm not sure exactly how to explain this... but when
the contracted programmer explained how CDOsys worked he showed me the code
from an .asp file....it showed when an email was sent it was authenticating
on our exchange server with a valid domain account and mailbox....from an
account I created for him on my DC when he started the project....  however,
the from field ( which i know can be anything) shows the email coming from
another one of my users....    
--
View this message in context: http://www.nabble.com/Please-explain--need-quick-spam-education-t1474473.html#a3987956
Sent from the SpamAssassin - Users forum at Nabble.com.

Re: Please explain- need quick spam education

Posted by Matt Kettler <mk...@comcast.net>.

scott mccollum wrote:
> We have a website built by a contracted programmer...  the website will send
> an email (using CDOsys)....  when sending to a client with spamassassin the
> email was blocked....  one of our users is copied on the email......she can
> forward the email to the client and it will get through the spamassassin
> filter.  I contacted the client and he added our domain to the allowed list
> and now it works fine....   Can someone explain why?   
>   

Without a copy of the email that got tagged, or at very least the
X-Spam-Status header that SA generated, nobody can explain why your
message was tagged.

It could be that the website is generating malformed emails, and
triggering some of SA's rules that look for badly formed messages
typical of cheap spam tools.
It could be that the IP address of the website is listed in several RBLs
due to being abused to send spam.
It could be that one of the domains used by a URL in the email is listed
in a URIBL.
It could contain text that looks like an obfuscated drug-spam.
It could contain text that the recipient has extensively trained bayes
as being spam.

There are hundreds of different rules in SA. Any of them could have been
the problem.

> I'm not a programmer so I'm not sure exactly how to explain this... but when
> the contracted programmer explained how CDOsys worked he showed me the code
> from an .asp file....it showed when an email was sent it was authenticating
> on our exchange server with a valid domain account and mailbox....from an
> account I created for him on my DC when he started the project....  however,
> the from field ( which i know can be anything) shows the email coming from
> another one of my users....  

Do you publish SPF records?