You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Loren Wilton <lw...@earthlink.net> on 2005/12/09 08:11:48 UTC

Re: RATWARE question

About the best suggestion I can offer would be to NOT use Outlook nor OE to compose the mailing list messages.  Find some other tool to do this, there are probably a number that are free and fairly easy to use.

The main problem here is that Outlook/OE are pretty much the most common clients on the net.  As a result, spammers almost invariably insert fake headers to try to make their spam look like it was generated by Outlook or OE.  Unfortunately for you, you have managed by accident to do what spammers do deliberately.

The other thing I would suggest is to make sure that your tool creates BOTH  plain text and an HTML side of the email message, not not just the HTML side. 

        Loren
  ----- Original Message ----- 
  From: Irina 
  To: users@spamassassin.apache.org 
  Sent: Thursday, December 08, 2005 6:32 AM
  Subject: RATWARE question


  Hello All,

  We use CommuniGate Pro 4.2.10 (CGP) with SpamAssassin 3.1.0.

  We sent out a newsletter to our clients via CGP and were surprised that it received a relatively high SpamAssassin score.

  It was an HTML-formatted message so we assumed it would receive some small score so we sent several test messages and found they scored around 2.0 which we thought was acceptable.  We then sent the message out using a CGP List.  We were very surprised when the resulting message then scored 7.2 and we fear many clients
  will not see it because the newsletter will be filtered as Spam.  After some investigation we see the reason for the high score is two SpamAssassin rules
  RATWARE_MS_HASH (score 2.4) and RATWARE_OUTLOOK_NONAME (score 3.1) which were triggered as a result of sending via the CGP List.  The original message was composed using Outlook Express and we believe the problem is that CGP List processor strips the original "X-Mailer" and "X-MimeOLE" headers which then triggers these rules.  It gives a new Message-ID and replaces the original one with
      X-Original-Message-ID: <00...@netaccess1.nas.net>

  We are not sure whether the fault lies more with SpamAssassin or CGP.  Does anyone know a way to get around this problem?

  Whitelisting would be fine only locally.  The main problem is that we also sent out to outside clients, whose ISPs may use SpamAssassin for filtering as well.

  Thank you for your help and attention.

  Irina