You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by umeca74 <um...@hotmail.com> on 2012/11/17 05:02:44 UTC
wrong RCVD_IN_PBL?
Hello
I am doing some tests sending my emails to ContentAnalysis@UnifiedeMail.net
to assess their "spamminess"
when I send an email through e.g. hotmail, then it is low scored by
spamassassin
if I use MS Outlook to go through my SMTP server I immediately see a hefty
spam score on account of a blocked IP address:
3.3 RCVD_IN_PBL
RBL: Received via a relay in Spamhaus PBL
[94.68.74.194 listed in zen.spamhaus.org]
The explanation given there is that I am not using authenticated SMTP,
whereas I *am* using an authenticated SMTP connection through port 587
is there something wrong with spam assassin here or is it my fault?
thanks
nikos
--
View this message in context: http://spamassassin.1065346.n5.nabble.com/wrong-RCVD-IN-PBL-tp102334.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: wrong RCVD_IN_PBL?
Posted by John ffitch <jp...@codemist.co.uk>.
Is 1and1.co.uk in the trusted hosts?
On Sat, 17 Nov 2012, umeca74 wrote:
>> Your IP (ppp-94-68-74-194.home.otenet.gr is: 94.68.74.194) looks like
>> a dynamic home user subscriber line (adsl, cable, dialup).
>
> that's correct
>
>> PBL contains ranges of IP addresses that should never send e-mail
>> directly to other domains.
>
> that's what I'm saying, I am NOT sending emails directly from this IP, the
> SMTP server is located in germany (1and1.co.uk) and I am connecting to it
> using an encrypted authorized connection. That's why I think there is a
> problem with spam assassin's RCVD_IN_PBL report!
>
>
>
> --
> View this message in context: http://spamassassin.1065346.n5.nabble.com/wrong-RCVD-IN-PBL-tp102334p102340.html
> Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
>
Re: wrong RCVD_IN_PBL?
Posted by SM <sm...@resistor.net>.
Hi Andreas,
At 11:45 20-11-2012, Andreas Schulze wrote:
>I have a similiar issue with a web.de (german webmail) user. He uses
>his iPhone
>to submit mail via web.de submission service. (TLS + Authentication)
>
>The message triggers RCVD_IN_PBL and others. Any hint to make those
>message pass sa?
82.165.159.34 is listed in PBL ( http://www.spamhaus.org/pbl/query/PBL1532253 )
>Received: from mout-xforward.web.de (mout-xforward.web.de [82.165.159.34])
> by idvmailin03.datev.de (Postfix) with ESMTP id 3Y5btV2sQ8z690G;
> Tue, 20 Nov 2012 20:04:02 +0100 (CET)
The above would trigger that rule.
Regards,
-sm
Re: wrong RCVD_IN_PBL?
Posted by da...@chaosreigns.com.
This is quite different. The IP delivering the email to your server is
what's hitting RCVD_IN_PBL. Providing that part of the spamassassin -t
output so I didn't need to do it myself would've been helpful.
pts rule name description
---- ---------------------- --------------------------------------------------
3.6 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
[82.165.159.34 listed in zen.spamhaus.org]
On 11/20, Andreas Schulze wrote:
> I have a similiar issue with a web.de (german webmail) user. He uses his iPhone
> to submit mail via web.de submission service. (TLS + Authentication)
>
> The message triggers RCVD_IN_PBL and others. Any hint to make those message pass sa?
>
> here are the headers:
> --- snip
> X-Spam-Status: Yes, score=7.14 tag=-999 tag2=5 kill=5 tests=[BAYES_00=-1.9,
> FREEMAIL_FROM=0.001, HTML_IMAGE_ONLY_12=2.059,
> HTML_MESSAGE=0.001, MTX_NONE=0.001, RCVD_IN_PBL=3.335,
> RCVD_IN_PSBL=2.7, RCVD_IN_RP_RNBL=1.31, RP_MATCHES_RCVD=-0.369,
> TVD_SPACE_RATIO=0.001] autolearn=no
> X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on idvamavis03.datev.de
> X-Spam-ASN: AS8560 82.165.0.0/16
> Received: from mout-xforward.web.de (mout-xforward.web.de [82.165.159.34])
> by idvmailin03.datev.de (Postfix) with ESMTP id 3Y5btV2sQ8z690G;
> Tue, 20 Nov 2012 20:04:02 +0100 (CET)
> Received: from [192.168.178.43] ([93.205.254.85]) by smtp.web.de (mrweb102)
> with ESMTPSA (Nemesis) id 0MA5v3-1TPekj36PR-00BSUp; Tue, 20 Nov 2012 19:59:01
> +0100
> Subject: test
> References: <A0...@web.de>
> From: "foobar@web.de" <fo...@web.de>
> Mime-Version: 1.0 (1.0)
> Content-Type: multipart/alternative;
> boundary=Apple-Mail-87E5DAF2-18C6-4FCD-BF0D-CD6386E473CE
> X-Mailer: iPhone Mail (10A523)
> Message-Id: <E4...@web.de>
> Date: Tue, 20 Nov 2012 19:58:57 +0100
> Cc: foobar@datev.de
> Content-Transfer-Encoding: 7bit
> To: foobar@datev.de
> X-Provags-ID: V02:K0:EvqK/RN09UfFRommwYltjAXMl2r5JXh5KWYmQ/XvFE7
> v78RzfvGZ2i90sbUnAmle0j16h4tGzLgsFuwPaanb1zpyriAC1
> wbvb4NZuBy1wZDi2uIhlRUmtyTNNXdYa4InULTNS7wG4t+vqOm
> ugaM5p60njVb35BTzZd8ONV2nh4sL0Mke/7RawEhWRPZkuXKs8
> LiB5mlVf7ikRcHdur53ew==
>
>
> --Apple-Mail-87E5DAF2-18C6-4FCD-BF0D-CD6386E473CE
> ....
> --- snap
>
>
--
"My definition of a free society is a society where it is safe to be
unpopular." - Adlai E. Stevenson Jr.
http://www.ChaosReigns.com
Re: wrong RCVD_IN_PBL?
Posted by Andreas Schulze <sc...@andreasschulze.de>.
Am So, 18.11.2012, 18:48 schrieb darxus@chaosreigns.com:
>> are you sure? I will report it to my ISP
>
> No, I'm not sure, which is why I said "I believe...." and "But I haven't
> actually looked into those details lately. We need better documentation
> of this". But I am very confident something along these lines is your
> problem, and that it's appropriate to complain to your ISP that they're not
> properly indicating authentication in the received header they're adding.
Hi all,
I have a similiar issue with a web.de (german webmail) user. He uses his iPhone
to submit mail via web.de submission service. (TLS + Authentication)
The message triggers RCVD_IN_PBL and others. Any hint to make those message pass sa?
here are the headers:
--- snip
X-Spam-Status: Yes, score=7.14 tag=-999 tag2=5 kill=5 tests=[BAYES_00=-1.9,
FREEMAIL_FROM=0.001, HTML_IMAGE_ONLY_12=2.059,
HTML_MESSAGE=0.001, MTX_NONE=0.001, RCVD_IN_PBL=3.335,
RCVD_IN_PSBL=2.7, RCVD_IN_RP_RNBL=1.31, RP_MATCHES_RCVD=-0.369,
TVD_SPACE_RATIO=0.001] autolearn=no
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on idvamavis03.datev.de
X-Spam-ASN: AS8560 82.165.0.0/16
Received: from mout-xforward.web.de (mout-xforward.web.de [82.165.159.34])
by idvmailin03.datev.de (Postfix) with ESMTP id 3Y5btV2sQ8z690G;
Tue, 20 Nov 2012 20:04:02 +0100 (CET)
Received: from [192.168.178.43] ([93.205.254.85]) by smtp.web.de (mrweb102)
with ESMTPSA (Nemesis) id 0MA5v3-1TPekj36PR-00BSUp; Tue, 20 Nov 2012 19:59:01
+0100
Subject: test
References: <A0...@web.de>
From: "foobar@web.de" <fo...@web.de>
Mime-Version: 1.0 (1.0)
Content-Type: multipart/alternative;
boundary=Apple-Mail-87E5DAF2-18C6-4FCD-BF0D-CD6386E473CE
X-Mailer: iPhone Mail (10A523)
Message-Id: <E4...@web.de>
Date: Tue, 20 Nov 2012 19:58:57 +0100
Cc: foobar@datev.de
Content-Transfer-Encoding: 7bit
To: foobar@datev.de
X-Provags-ID: V02:K0:EvqK/RN09UfFRommwYltjAXMl2r5JXh5KWYmQ/XvFE7
v78RzfvGZ2i90sbUnAmle0j16h4tGzLgsFuwPaanb1zpyriAC1
wbvb4NZuBy1wZDi2uIhlRUmtyTNNXdYa4InULTNS7wG4t+vqOm
ugaM5p60njVb35BTzZd8ONV2nh4sL0Mke/7RawEhWRPZkuXKs8
LiB5mlVf7ikRcHdur53ew==
--Apple-Mail-87E5DAF2-18C6-4FCD-BF0D-CD6386E473CE
....
--- snap
Re: wrong RCVD_IN_PBL?
Posted by da...@chaosreigns.com.
On 11/17, umeca74 wrote:
> >Received: from hppro (ppp-94-68-74-194.home.otenet.gr [94.68.74.194])
> > by mrelayeu.kundenserver.de (node=mrbap1) with ESMTP (Nemesis)
> >
> > I believe if that said "ESMTPA" instead of "ESMTP",
> > you would not have that problem
>
> are you sure? I will report it to my ISP
No, I'm not sure, which is why I said "I believe...." and "But I haven't
actually looked into those details lately. We need better documentation
of this". But I am very confident something along these lines is your
problem, and that it's appropriate to complain to your ISP that they're not
properly indicating authentication in the received header they're adding.
--
"If you would be a real seeker after truth, it is necessary that at
least once in your life you doubt, as far as possible, all things."
- Rene Descartes
http://www.ChaosReigns.com
Re: wrong RCVD_IN_PBL?
Posted by RW <rw...@googlemail.com>.
On Sun, 18 Nov 2012 17:07:39 -0500
darxus@chaosreigns.com wrote:
> On 11/18, RW wrote:
> > Whilst that wont hurt, it's not the real cause of the problem here
> > which rests entirely with UnifiedeMail.net.
> >
> > Whilst it would have prevented this FP, authentication is intended
> > to solve a different problem. It shouldn't be necessary to have a
> > workaround for the internal network being needlessly allowed to
> > bleed into a remote private network.
> >
> > I wouldn't worry too much about this, it's not a general problem.
>
> I disagree. I think indicating the authentication is a better option
> than chopping off the early received header(s).
Who said anything about chopping-off headers?
I think you've probably misunderstood what's going on here. SA is
running on a third-party server that isn't under the control of the OP
or the OP's ISP. The OP has access to the SA tests because it's a
server that's set-up to autoreply with a report on spaminess.
If the UnifiedeMail MX server doesn't provide a received header then
trying to run most DNS blocklist tests or any test that involves the
edge of the internal network is pointless and error prone.
The lack of authentication doesn't affect the OP's deliverability
through the ISP in general. mrelayeu.kundenserver.de is on a
different /16 from kundenserver.de's mx servers so authentication isn't
even needed for SA installations run by the ISP's other customers.
Re: wrong RCVD_IN_PBL?
Posted by da...@chaosreigns.com.
On 11/18, RW wrote:
> Whilst that wont hurt, it's not the real cause of the problem here which
> rests entirely with UnifiedeMail.net.
>
> Whilst it would have prevented this FP, authentication is intended to
> solve a different problem. It shouldn't be necessary to have a
> workaround for the internal network being needlessly allowed to bleed
> into a remote private network.
>
> I wouldn't worry too much about this, it's not a general problem.
I disagree. I think indicating the authentication is a better option than
chopping off the early received header(s).
--
"I'd rather be happy than right any day."
- Slartiblartfast, The Hitchhiker's Guide to the Galaxy
http://www.ChaosReigns.com
Re: wrong RCVD_IN_PBL?
Posted by RW <rw...@googlemail.com>.
On Sat, 17 Nov 2012 21:09:11 -0800 (PST)
umeca74 wrote:
> > Is 1and1.co.uk in the trusted hosts?
ContentAnalysis[at]UnifiedeMail.net is an address you can send an email
to and get back a SpamAssassin report on that email.
> >Received: from hppro (ppp-94-68-74-194.home.otenet.gr
> >[94.68.74.194])
> > by mrelayeu.kundenserver.de (node=mrbap1) with ESMTP (Nemesis)
> >
> > I believe if that said "ESMTPA" instead of "ESMTP",
> > you would not have that problem
>
> are you sure? I will report it to my ISP
Whilst that wont hurt, it's not the real cause of the problem here which
rests entirely with UnifiedeMail.net.
Whilst it would have prevented this FP, authentication is intended to
solve a different problem. It shouldn't be necessary to have a
workaround for the internal network being needlessly allowed to bleed
into a remote private network.
I wouldn't worry too much about this, it's not a general problem.
Re: wrong RCVD_IN_PBL?
Posted by umeca74 <um...@hotmail.com>.
> Have you submitted your sample to Unifiedemail via the webform,
> or via e-mail ?
email (MS Outlook)
> Is 1and1.co.uk in the trusted hosts?
not sure what you mean. The server IP address is _not_ blacklisted (PBL
etc). I am not running the server, I am a plain user connecting through the
ISP
>Received: from hppro (ppp-94-68-74-194.home.otenet.gr [94.68.74.194])
> by mrelayeu.kundenserver.de (node=mrbap1) with ESMTP (Nemesis)
>
> I believe if that said "ESMTPA" instead of "ESMTP",
> you would not have that problem
are you sure? I will report it to my ISP
--
View this message in context: http://spamassassin.1065346.n5.nabble.com/wrong-RCVD-IN-PBL-tp102334p102347.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: wrong RCVD_IN_PBL?
Posted by da...@chaosreigns.com.
I don't think that should cause triggering RCVD_IN_PBL.
On 11/17, Frederic De Mees wrote:
> There is one line missing in the following path:
> =========================
> Received: from mx.mg2.unifiedemail.net ([10.251.10.236]) by
> corpserv1.corp.unifiedemail.net with Microsoft SMTPSVC(6.0.3790.4675);
> Fri, 16 Nov 2012 22:20:32 -0500
> Received: from ([127.0.0.1]) with MailEnable ESMTP; Fri, 16 Nov 2012
> 22:20:28 -0500
> Received: from hppro (ppp-94-68-74-194.home.otenet.gr [94.68.74.194])
> by mrelayeu.kundenserver.de (node=mrbap1) with ESMTP (Nemesis)
> id 0LhkkD-1Svsfh1rOL-00mkUj; Sat, 17 Nov 2012 04:20:25 +0100
> =========================
> A no time the message shows that Unifiedmail has received it from
> kundenserver.
>
> Have you submitted your sample to Unifiedemail via the webform, or
> via e-mail ?
>
> Frédéric
>
>
> ----- Original Message ----- From: "umeca74" <um...@hotmail.com>
> To: <us...@spamassassin.apache.org>
> Sent: Saturday, November 17, 2012 5:00 PM
> Subject: Re: wrong RCVD_IN_PBL?
>
>
> >>Your IP (ppp-94-68-74-194.home.otenet.gr is: 94.68.74.194) looks like
> >>a dynamic home user subscriber line (adsl, cable, dialup).
> >
> >that's correct
> >
> >>PBL contains ranges of IP addresses that should never send e-mail
> >>directly to other domains.
> >
> >that's what I'm saying, I am NOT sending emails directly from this IP, the
> >SMTP server is located in germany (1and1.co.uk) and I am connecting to it
> >using an encrypted authorized connection. That's why I think there is a
> >problem with spam assassin's RCVD_IN_PBL report!
> >
> >
> >
> >--
> >View this message in context: http://spamassassin.1065346.n5.nabble.com/wrong-RCVD-IN-PBL-tp102334p102340.html
> >Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
> >
>
--
"No human thing is of serious importance." - Plato
http://www.ChaosReigns.com
Re: wrong RCVD_IN_PBL?
Posted by Frederic De Mees <li...@demees.net>.
There is one line missing in the following path:
=========================
Received: from mx.mg2.unifiedemail.net ([10.251.10.236]) by
corpserv1.corp.unifiedemail.net with Microsoft SMTPSVC(6.0.3790.4675);
Fri, 16 Nov 2012 22:20:32 -0500
Received: from ([127.0.0.1]) with MailEnable ESMTP; Fri, 16 Nov 2012
22:20:28 -0500
Received: from hppro (ppp-94-68-74-194.home.otenet.gr [94.68.74.194])
by mrelayeu.kundenserver.de (node=mrbap1) with ESMTP (Nemesis)
id 0LhkkD-1Svsfh1rOL-00mkUj; Sat, 17 Nov 2012 04:20:25 +0100
=========================
A no time the message shows that Unifiedmail has received it from
kundenserver.
Have you submitted your sample to Unifiedemail via the webform, or via
e-mail ?
Frédéric
----- Original Message -----
From: "umeca74" <um...@hotmail.com>
To: <us...@spamassassin.apache.org>
Sent: Saturday, November 17, 2012 5:00 PM
Subject: Re: wrong RCVD_IN_PBL?
>> Your IP (ppp-94-68-74-194.home.otenet.gr is: 94.68.74.194) looks like
>> a dynamic home user subscriber line (adsl, cable, dialup).
>
> that's correct
>
>> PBL contains ranges of IP addresses that should never send e-mail
>> directly to other domains.
>
> that's what I'm saying, I am NOT sending emails directly from this IP, the
> SMTP server is located in germany (1and1.co.uk) and I am connecting to it
> using an encrypted authorized connection. That's why I think there is a
> problem with spam assassin's RCVD_IN_PBL report!
>
>
>
> --
> View this message in context:
> http://spamassassin.1065346.n5.nabble.com/wrong-RCVD-IN-PBL-tp102334p102340.html
> Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
>
Re: wrong RCVD_IN_PBL?
Posted by umeca74 <um...@hotmail.com>.
> Your IP (ppp-94-68-74-194.home.otenet.gr is: 94.68.74.194) looks like
> a dynamic home user subscriber line (adsl, cable, dialup).
that's correct
> PBL contains ranges of IP addresses that should never send e-mail
> directly to other domains.
that's what I'm saying, I am NOT sending emails directly from this IP, the
SMTP server is located in germany (1and1.co.uk) and I am connecting to it
using an encrypted authorized connection. That's why I think there is a
problem with spam assassin's RCVD_IN_PBL report!
--
View this message in context: http://spamassassin.1065346.n5.nabble.com/wrong-RCVD-IN-PBL-tp102334p102340.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: wrong RCVD_IN_PBL?
Posted by da...@chaosreigns.com.
On 11/17, Frederic De Mees wrote:
> From: "umeca74" <um...@hotmail.com>
> >
> >3.3 RCVD_IN_PBL
> >RBL: Received via a relay in Spamhaus PBL
> >[94.68.74.194 listed in zen.spamhaus.org]
> >
>
> Your IP (ppp-94-68-74-194.home.otenet.gr is: 94.68.74.194) looks
> like a dynamic home user subscriber line (adsl, cable, dialup).
>
> PBL contains ranges of IP addresses that should never send e-mail
> directly to other domains.
> You should use Otenet's SMTP service offered with your subscription
> as a relay host (smart host), or rent a dedicated server/VPS in a
> colo as an alternative.
No, all this should be completely unnecessary, and handled by spamassassin
detecting an indication of authentication in the received header. That
indication of authentication is missing. I'd suggest complaining to the
mail server provider about it.
Received: from hppro (ppp-94-68-74-194.home.otenet.gr [94.68.74.194])
by mrelayeu.kundenserver.de (node=mrbap1) with ESMTP (Nemesis)
id 0LhkkD-1Svsfh1rOL-00mkUj; Sat, 17 Nov 2012 04:20:25 +0100
I believe if that said "ESMTPA" instead of "ESMTP", you would not have that
problem. But I haven't actually looked into those details lately. We need
better documentation of this.
--
"The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all progress
depends on the unreasonable man." - George Bernard Shaw
http://www.ChaosReigns.com
Re: wrong RCVD_IN_PBL?
Posted by Frederic De Mees <li...@demees.net>.
From: "umeca74" <um...@hotmail.com>
>
> 3.3 RCVD_IN_PBL
> RBL: Received via a relay in Spamhaus PBL
> [94.68.74.194 listed in zen.spamhaus.org]
>
Your IP (ppp-94-68-74-194.home.otenet.gr is: 94.68.74.194) looks like a
dynamic home user subscriber line (adsl, cable, dialup).
PBL contains ranges of IP addresses that should never send e-mail directly
to other domains.
You should use Otenet's SMTP service offered with your subscription as a
relay host (smart host), or rent a dedicated server/VPS in a colo as an
alternative.
Or get in touch with Otenet in order to acquire a customer fixed IP address,
and have them setting the reverse of this IP address to a hostname in a
domain you own.
(BTW if you want to send me a reply, I would block your message for that
reason. Hosts listed in pbl.spamhaus.org are not allowed to talk. Stick with
Hotmail.)
Frédéric De Mees
Brussels
Re: wrong RCVD_IN_PBL?
Posted by umeca74 <um...@hotmail.com>.
here are the full headers
Received: from mx.mg2.unifiedemail.net ([10.251.10.236]) by
corpserv1.corp.unifiedemail.net with Microsoft SMTPSVC(6.0.3790.4675);
Fri, 16 Nov 2012 22:20:32 -0500
Received: from ([127.0.0.1]) with MailEnable ESMTP; Fri, 16 Nov 2012
22:20:28 -0500
Received: from hppro (ppp-94-68-74-194.home.otenet.gr [94.68.74.194])
by mrelayeu.kundenserver.de (node=mrbap1) with ESMTP (Nemesis)
id 0LhkkD-1Svsfh1rOL-00mkUj; Sat, 17 Nov 2012 04:20:25 +0100
From: "crack tracker support" <ie...@cracktracker.net>
To: <Co...@UnifiedeMail.net>
Subject: test
Date: Sat, 17 Nov 2012 05:20:18 +0200
Message-ID: <00...@net>
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_NextPart_000_0010_01CDC483.3D1E53D0"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Ac3EcnhUPFbrdHFwT0y/nftjrZMDug==
Content-Language: en-gb
X-Provags-ID: V02:K0:HA2dqBzVngZGF7Z342w8WndeOhh4XXYUzBmOM+SVUxN
aJegdGwz1C5nBn3bXRcp55nWHLCGseq5h3nifH3njLjK0FdGSK
oAQAkvEA8MXEqHHcEOsrr+VXXgRmGknWLfK293/c6xeYdANBei
hQbDHAMz1ZN1LIvAQpPKyp2NbhF1SUa3N3udsibn+yB1jK5q7u
Mx0He1Z11rHzXcKVbIMki+bDQZ1rR2HiYPoXAT8APzvFVNHysF
nFU5TSPbSPzHAXL3T3Y/BDPAFYX4w2EVREaK/uXONaf+7M36jC
anhc+adRxjVufjMHik1cptfqc+O04aBlK4uTs3H3Ph+UO2jbV6
rPGurZP2YTx/UaCYpEXI=
Received-SPF: none (mx.mg1.unifiedemail.net: cracktracker.net does not
designate permitted sender hosts)
X-ME-Bayesian: 0.000000
Return-Path: ietest@cracktracker.net
X-OriginalArrivalTime: 17 Nov 2012 03:20:32.0687 (UTC)
FILETIME=[809F93F0:01CDC472]
This is a multi-part message in MIME format.
------=_NextPart_000_0010_01CDC483.3D1E53D0
Content-Type: multipart/alternative;
boundary="----=_NextPart_001_0011_01CDC483.3D1E7AE0"
------=_NextPart_001_0011_01CDC483.3D1E7AE0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
(message follows)
--
View this message in context: http://spamassassin.1065346.n5.nabble.com/wrong-RCVD-IN-PBL-tp102334p102338.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: wrong RCVD_IN_PBL?
Posted by da...@chaosreigns.com.
On 11/16, umeca74 wrote:
> thanks for your reply. By "MTA" you mean my email program, Microsoft Outlook?
> I didn't change any of its settings, is there anything I could try?
No, your mail server software. If your mail client (outlook) could add it,
then any client could forge that information.
Providing full headers would probably make it easier to help you.
--
"You shall know the truth, and it shall make you odd."
-- Flannery O'Connor
http://www.ChaosReigns.com
Re: wrong RCVD_IN_PBL?
Posted by umeca74 <um...@hotmail.com>.
thanks for your reply. By "MTA" you mean my email program, Microsoft Outlook?
I didn't change any of its settings, is there anything I could try?
--
View this message in context: http://spamassassin.1065346.n5.nabble.com/wrong-RCVD-IN-PBL-tp102334p102336.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: wrong RCVD_IN_PBL?
Posted by da...@chaosreigns.com.
On 11/16, umeca74 wrote:
> Hello
>
> I am doing some tests sending my emails to ContentAnalysis@UnifiedeMail.net
> to assess their "spamminess"
>
> when I send an email through e.g. hotmail, then it is low scored by
> spamassassin
>
> if I use MS Outlook to go through my SMTP server I immediately see a hefty
> spam score on account of a blocked IP address:
>
> 3.3 RCVD_IN_PBL
> RBL: Received via a relay in Spamhaus PBL
> [94.68.74.194 listed in zen.spamhaus.org]
>
> The explanation given there is that I am not using authenticated SMTP,
> whereas I *am* using an authenticated SMTP connection through port 587
>
> is there something wrong with spam assassin here or is it my fault?
Your MTA isn't mentioning the authentication in the relevant received
header in a way that spamassassin recognizes.
--
"The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all progress
depends on the unreasonable man." - George Bernard Shaw
http://www.ChaosReigns.com