Hi!
>> header RCVD_IN_JMF_W eval:check_rbl_sub('JMF-lastexternal', '127.0.0.1')
>> describe RCVD_IN_JMF_W Sender listed in JMF-WHITE
>> tflags RCVD_IN_JMF_W net nice
>> score RCVD_IN_JMF_W -5
> Hopefully my comment isn't out of place with the current discussion of
> JMF/Hostkarma. I think this is not only a really bad default score,
> but it should be reduced to -0.5 or perhaps not used at all.
>
> I have a money/fraud email that hit RCVD_IN_JMF_W that passed through
> these servers:
>
> Received: from 41.220.75.3
> Received: from webmail.stu.qmul.ac.uk (138.37.100.37) by mercury.stu.qmul.ac.uk
> Received: from qmwmail2.stu.qmul.ac.uk ([138.37.100.210]
> Received: from mail2.qmul.ac.uk (mail2.qmul.ac.uk [138.37.6.6])
>
> It also hit these other rules:
>
> X-Spam-Status: No, hits=1.3 tagged_above=-300.0 required=5.0 use_bayes=1
> tests=AE_GBP, BAYES_50, LOTS_OF_MONEY, LOTTERY_PH_004470,
> LOTTO_RELATED, MONEY_TO_NO_R, RCVD_IN_DNSWL_MED, RCVD_IN_JMF_W,
> RELAYCOUNTRY_UK, SPF_FAIL, SPF_HELO_FAIL
>
> Unless I'm really missing something, which server has JMF/Hostkarma
> whitelisted that shouldn't be?
You are not missing anything. Its my point also.
Bye,
Raymond.
>> header RCVD_IN_JMF_W eval:check_rbl_sub('JMF-lastexternal', '127.0.0.1')
>> describe RCVD_IN_JMF_W Sender listed in JMF-WHITE
>> tflags RCVD_IN_JMF_W net nice
>> score RCVD_IN_JMF_W -5
> Hopefully my comment isn't out of place with the current discussion of
> JMF/Hostkarma. I think this is not only a really bad default score,
> but it should be reduced to -0.5 or perhaps not used at all.
>
> I have a money/fraud email that hit RCVD_IN_JMF_W that passed through
> these servers:
>
> Received: from 41.220.75.3
> Received: from webmail.stu.qmul.ac.uk (138.37.100.37) by mercury.stu.qmul.ac.uk
> Received: from qmwmail2.stu.qmul.ac.uk ([138.37.100.210]
> Received: from mail2.qmul.ac.uk (mail2.qmul.ac.uk [138.37.6.6])
>
> It also hit these other rules:
>
> X-Spam-Status: No, hits=1.3 tagged_above=-300.0 required=5.0 use_bayes=1
> tests=AE_GBP, BAYES_50, LOTS_OF_MONEY, LOTTERY_PH_004470,
> LOTTO_RELATED, MONEY_TO_NO_R, RCVD_IN_DNSWL_MED, RCVD_IN_JMF_W,
> RELAYCOUNTRY_UK, SPF_FAIL, SPF_HELO_FAIL
>
> Unless I'm really missing something, which server has JMF/Hostkarma
> whitelisted that shouldn't be?
You are not missing anything. Its my point also.
Bye,
Raymond.