You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Michael Scheidell <sc...@secnap.net> on 2008/09/16 21:08:39 UTC
where to report violations of RCVD_IN_BSP?
yes, I can set a positive score for RCVD_IN_BSP_TRUSTED rules (I have!)
Without it, lots of spam would get through with the default -4.3 score.
but if the spammer sends to our generic web contact address (found by
harvesting our web pages), shouldn't the company who gets paid to 'bond'
them unlist them?
I looked on www.returnpath.net, but didn't see any place to officially
report violations (without subscribing)
I have also filed a bugzilla report with specific ip, and verified with
dns that it is still a 'bonded sender'
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5977
host 94.32.2.72.sa-trusted.bondedsender.org
94.32.2.72.sa-trusted.bondedsender.org has address 127.0.0.10
their web site says they have a 'sender score of 60'
http://www.returnpath.net/senderscore/receiver/
--
Michael Scheidell, CTO
Main: 561-999-5000, Office: 561-939-7259
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* Everything Channel Hot Product of 2008
* Shaping Information Security Award 2008
* CRN Magazine Top 40 Emerging Security Vendors
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com
_________________________________________________________________________
Re: where to report violations of RCVD_IN_BSP? (needs investigating?)
Posted by Michael Scheidell <sc...@secnap.net>.
> Michael Scheidell wrote:
>> yes, I can set a positive score for RCVD_IN_BSP_TRUSTED rules (I
>> have!) Without it, lots of spam would get through with the default
>> -4.3 score.
>>
>
-4.3 is STILL way to high a credit. If the email typically scores 10 or
higher, and you need the -4.3 to drag it back down to under 6 points,
something wrong with the sender, or the sender needs to be whitelisted
anyway.
Same issue with habaes.
--
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer
> https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5978
>
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com
_________________________________________________________________________
Re: where to report violations of RCVD_IN_BSP? (needs investigating?)
Posted by Matt Kettler <mk...@verizon.net>.
Michael Scheidell wrote:
> yes, I can set a positive score for RCVD_IN_BSP_TRUSTED rules (I
> have!) Without it, lots of spam would get through with the default
> -4.3 score.
>
> but if the spammer sends to our generic web contact address (found by
> harvesting our web pages), shouldn't the company who gets paid to
> 'bond' them unlist them?
>
> I looked on www.returnpath.net, but didn't see any place to officially
> report violations (without subscribing)
Hmm, digging around, I see no publicly available feedback mechanism,
even after registering with senderscore.org, all I can do is detailed
queries, I can't report abuse.
That's a bit disconcerting.
My own leaning is that we need to investigate this, and if no accessible
mechanism exists that the average SA user can use, we should drop
senderscore from SpamAssassin.
I went ahead and opened a bugzilla on this, if for no other reason than
ensuring the final answers get tracked.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5978
Re: where to report violations of RCVD_IN_BSP?
Posted by Charlie Davidson <wh...@yahoo.com>.
Michael Scheidell wrote:
>
> yes, I can set a positive score for RCVD_IN_BSP_TRUSTED rules (I have!)
> Without it, lots of spam would get through with the default -4.3 score.
>
I have also been unable to contact them and removed the default score of
-4.3. In fact, I'm concerned that if nobody is looking for feedback, BSP
will be frequently used by spammers and I am now contemplating adding a
slightly positive score for this rule.
--
View this message in context: http://www.nabble.com/where-to-report-violations-of-RCVD_IN_BSP--tp19518524p19614580.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.