Hello,
Spamassassin Version: 3.4.2Amavisd-new Vrsion: 2.7.1
ALL_TRUSTED is always in every header:Here's an example header:
Return-Path: <360-KCI-804.0.1049843.0.0.170139.9.7679675@bounce.info.adobe.com>
Delivered-To: <email hidden>
Received: from localhost (localhost [127.0.0.1])
by mailserver.com (Postfix) with ESMTP id 06D399209E6
for <email hidden>; Fri, 23 Jun 2023 10:08:08 -0500 (CDT)
X-Virus-Scanned: Debian amavisd-new at mailserver.com
X-Spam-Flag: NO
X-Spam-Score: -0.875
X-Spam-Level:
X-Spam-Status: No, score=-0.875 tagged_above=-9999 required=4
tests=[ALL_TRUSTED=-9, BAYES_95=8.514, DKIM_INVALID=0.1,
DKIM_SIGNED=-0.5, HTML_MESSAGE=0.001, T_KAM_HTML_FONT_INVALID=0.01,
T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_TEMPERROR=0.01]
autolearn=no autolearn_force=no
Authentication-Results: mailserver.com (amavisd-new); dkim=neutral
reason="invalid (public key: DNS error: unknown error or no error)"
header.d=info.adobe.com header.b=KUYoKm+s; dkim=neutral
reason="invalid (public key: DNS error: unknown error or no error)"
header.d=mktdns.com header.b=SUJjLr4c
Received: from mailserver.com ([127.0.0.1])
by localhost (mailserver.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id PopBB_RLVu-O for <email hidden>;
Fri, 23 Jun 2023 10:08:07 -0500 (CDT)
Received: from bounce.info.adobe.com (bounce.info.adobe.com [192.28.155.24])
by mailserver.com (Postfix) with ESMTPS id 08D9E920938
for <email hidden>; Fri, 23 Jun 2023 10:08:05 -0500 (CDT)
X-MSFBL: gcw/tJ06N/ARaZfFESKqq9ndwWIWXdvw23qQPDyFCao=|eyJnIjoiYmctYWJkLTg
2OSIsImIiOiJkdnAtMTkyLTI4LTE1NS0yNCIsInIiOiJkam9uZXMtc3Vkb2xAZ3J
hcGhpY3NpaS5jb20iLCJ1IjoiMzYwLUtDSS04MDQ6MDo5NDAzNTo1MDExMTc6MjY
wODcwNzoxNzAxMzk6OToxMDQ5ODQzOjc2Nzk2NzUifQ==
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1687532842;
s=m1; d=info.adobe.com; i=@info.adobe.com;
h=Content-Type:MIME-Version:Subject:To:From:Date;
bh=fzTniaB97fKkL/zccN8peKm3+Ehw95QNLNCFE3Dyizs=;
b=KUYoKm+smMdihivUZBbhRpHEEKCUWD2KefgMJ1MAI3wVKkWs7tXsddwuMW9vmB4J
ShxSX3h0aCL+Ajubk7jr8ZCH9i0Q5i5LirY9VHKK2qluGIS92PBEJ2u7zN644yJJaGt
3pBL4X5ds9aA8oI5uUuroh18GuxhtryCjIKN5Uak=
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1687532842;
s=m1; d=mktdns.com; i=@mktdns.com;
h=Content-Type:MIME-Version:Subject:To:From:Date;
bh=fzTniaB97fKkL/zccN8peKm3+Ehw95QNLNCFE3Dyizs=;
b=SUJjLr4czOUnuQmZoHnOHvFQwGXjm4WTafWxYuh6DiLScW7G5Vy/8Zv/2dfd0H/D
27cwkR37G+rTEgEvUySeP+KLmPlgaFQgEyX6e3FpDri6HH1yhcURu/HOl2/MqT2OWBI
M1wk3DZIeyXmzphtSIMckW0pIGQu3dSO5nf2uI90=
Date: Fri, 23 Jun 2023 10:07:22 -0500 (CDT)
From: Adobe Creative Cloud for Business <demand@info.adobe.com>
Reply-To: demand@info.adobe.com
To: <email hidden>
Message-ID: <2077373210.283929485.1687532842319@abmktmail-batch1i.mark
I have both internal_networks and trusted_networks set correctly.
I don't know where to look to stop this from happening.
I've tried adding clear_internal_networks and clear_trusted_networks
You probably noticed I bumped up the ALL_TRUSTED score but even if use the default value (-1) it still fires on every message.
Any clues as to where to start sleuthing this?
Spamassassin Version: 3.4.2Amavisd-new Vrsion: 2.7.1
ALL_TRUSTED is always in every header:Here's an example header:
Return-Path: <360-KCI-804.0.1049843.0.0.170139.9.7679675@bounce.info.adobe.com>
Delivered-To: <email hidden>
Received: from localhost (localhost [127.0.0.1])
by mailserver.com (Postfix) with ESMTP id 06D399209E6
for <email hidden>; Fri, 23 Jun 2023 10:08:08 -0500 (CDT)
X-Virus-Scanned: Debian amavisd-new at mailserver.com
X-Spam-Flag: NO
X-Spam-Score: -0.875
X-Spam-Level:
X-Spam-Status: No, score=-0.875 tagged_above=-9999 required=4
tests=[ALL_TRUSTED=-9, BAYES_95=8.514, DKIM_INVALID=0.1,
DKIM_SIGNED=-0.5, HTML_MESSAGE=0.001, T_KAM_HTML_FONT_INVALID=0.01,
T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_TEMPERROR=0.01]
autolearn=no autolearn_force=no
Authentication-Results: mailserver.com (amavisd-new); dkim=neutral
reason="invalid (public key: DNS error: unknown error or no error)"
header.d=info.adobe.com header.b=KUYoKm+s; dkim=neutral
reason="invalid (public key: DNS error: unknown error or no error)"
header.d=mktdns.com header.b=SUJjLr4c
Received: from mailserver.com ([127.0.0.1])
by localhost (mailserver.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id PopBB_RLVu-O for <email hidden>;
Fri, 23 Jun 2023 10:08:07 -0500 (CDT)
Received: from bounce.info.adobe.com (bounce.info.adobe.com [192.28.155.24])
by mailserver.com (Postfix) with ESMTPS id 08D9E920938
for <email hidden>; Fri, 23 Jun 2023 10:08:05 -0500 (CDT)
X-MSFBL: gcw/tJ06N/ARaZfFESKqq9ndwWIWXdvw23qQPDyFCao=|eyJnIjoiYmctYWJkLTg
2OSIsImIiOiJkdnAtMTkyLTI4LTE1NS0yNCIsInIiOiJkam9uZXMtc3Vkb2xAZ3J
hcGhpY3NpaS5jb20iLCJ1IjoiMzYwLUtDSS04MDQ6MDo5NDAzNTo1MDExMTc6MjY
wODcwNzoxNzAxMzk6OToxMDQ5ODQzOjc2Nzk2NzUifQ==
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1687532842;
s=m1; d=info.adobe.com; i=@info.adobe.com;
h=Content-Type:MIME-Version:Subject:To:From:Date;
bh=fzTniaB97fKkL/zccN8peKm3+Ehw95QNLNCFE3Dyizs=;
b=KUYoKm+smMdihivUZBbhRpHEEKCUWD2KefgMJ1MAI3wVKkWs7tXsddwuMW9vmB4J
ShxSX3h0aCL+Ajubk7jr8ZCH9i0Q5i5LirY9VHKK2qluGIS92PBEJ2u7zN644yJJaGt
3pBL4X5ds9aA8oI5uUuroh18GuxhtryCjIKN5Uak=
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1687532842;
s=m1; d=mktdns.com; i=@mktdns.com;
h=Content-Type:MIME-Version:Subject:To:From:Date;
bh=fzTniaB97fKkL/zccN8peKm3+Ehw95QNLNCFE3Dyizs=;
b=SUJjLr4czOUnuQmZoHnOHvFQwGXjm4WTafWxYuh6DiLScW7G5Vy/8Zv/2dfd0H/D
27cwkR37G+rTEgEvUySeP+KLmPlgaFQgEyX6e3FpDri6HH1yhcURu/HOl2/MqT2OWBI
M1wk3DZIeyXmzphtSIMckW0pIGQu3dSO5nf2uI90=
Date: Fri, 23 Jun 2023 10:07:22 -0500 (CDT)
From: Adobe Creative Cloud for Business <demand@info.adobe.com>
Reply-To: demand@info.adobe.com
To: <email hidden>
Message-ID: <2077373210.283929485.1687532842319@abmktmail-batch1i.mark
I have both internal_networks and trusted_networks set correctly.
I don't know where to look to stop this from happening.
I've tried adding clear_internal_networks and clear_trusted_networks
You probably noticed I bumped up the ALL_TRUSTED score but even if use the default value (-1) it still fires on every message.
Any clues as to where to start sleuthing this?