You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Matt Kettler <mk...@verizon.net> on 2008/09/17 04:08:41 UTC
Re: where to report violations of RCVD_IN_BSP? (needs investigating?)
Michael Scheidell wrote:
> yes, I can set a positive score for RCVD_IN_BSP_TRUSTED rules (I
> have!) Without it, lots of spam would get through with the default
> -4.3 score.
>
> but if the spammer sends to our generic web contact address (found by
> harvesting our web pages), shouldn't the company who gets paid to
> 'bond' them unlist them?
>
> I looked on www.returnpath.net, but didn't see any place to officially
> report violations (without subscribing)
Hmm, digging around, I see no publicly available feedback mechanism,
even after registering with senderscore.org, all I can do is detailed
queries, I can't report abuse.
That's a bit disconcerting.
My own leaning is that we need to investigate this, and if no accessible
mechanism exists that the average SA user can use, we should drop
senderscore from SpamAssassin.
I went ahead and opened a bugzilla on this, if for no other reason than
ensuring the final answers get tracked.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5978
Re: where to report violations of RCVD_IN_BSP? (needs investigating?)
Posted by Michael Scheidell <sc...@secnap.net>.
> Michael Scheidell wrote:
>> yes, I can set a positive score for RCVD_IN_BSP_TRUSTED rules (I
>> have!) Without it, lots of spam would get through with the default
>> -4.3 score.
>>
>
-4.3 is STILL way to high a credit. If the email typically scores 10 or
higher, and you need the -4.3 to drag it back down to under 6 points,
something wrong with the sender, or the sender needs to be whitelisted
anyway.
Same issue with habaes.
--
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer
> https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5978
>
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com
_________________________________________________________________________