List colleagues,
I'm running SA 2.63, Perl 5.6.1 and Communigate Pro 4.1.8/CGPSA 1.3b2 on a
Win2K server.
Virtually every message with an AOL "from" user address is triggering
FAKE_HELO_AOL and NO_RDNS_DOTCOM_HELO rules. In the example that follows,
I've confirmed that forward and reverse DNS lookups for 64.12.136.4 and
imo-m01.mx.aol.com are valid. Yet, the rules are being triggered.
Any ideas or comments about this?
Regards,
Marc
Received: from imo-m01.mx.aol.com ([64.12.136.4] verified)
by xxx.com (CommuniGate Pro SMTP 4.1.8)
with ESMTP id 875522 for yyy@xxx.com; Tue, 03 Feb 2004 08:37:38 -0800
Received: from Dwsf@aol.com
by imo-m01.mx.aol.com (mail_out_v36_r4.12.) id m.b9.3bfe3305 (4116)
for <Slowhand101967@aol.com>; Tue, 3 Feb 2004 11:14:06 -0500 (EST)
From: Dwsf@aol.com
Message-ID: <b9.3bfe3305.2d5122ce@aol.com>
Date: Tue, 3 Feb 2004 11:14:06 EST
To: Slowhand101967@aol.com
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="part1_b9.3bfe3305.2d5122ce_boundary"
X-Mailer: 7.0 for Windows sub 10708
Subject: ** Possible SPAM ** DRUM WORLD NEWS 2004
Date: Tue, 3 Feb 2004 11:14:06 EST
Message-Id: <b9.3bfe3305.2d5122ce@aol.com>
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on zzz.yyy.com
X-Spam-Status: Yes, hits=11.6 required=5.0 tests=ADDR_NUMS_AT_BIGSITE=2.699,
BAYES_44=-0.001,FAKE_HELO_AOL=2.354,HTML_FONTCOLOR_BLUE=0.1,
HTML_FONTCOLOR_RED=0.101,HTML_FONT_BIG=0.267,HTML_MESSAGE=0.1,
NO_DNS_FOR_FROM=1.65,NO_RDNS_DOTCOM_HELO=4.099,NO_REAL_NAME=0.16,
RCVD_IN_SBLCSMA=0.1 autolearn=no version=2.63
X-Spam-Level: ***********
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_401FCE5A.385A0000"
X-TFF-CGPSA-Filter: Scanned
X-TFF-CGPSA-Version: 1.3b2
I'm running SA 2.63, Perl 5.6.1 and Communigate Pro 4.1.8/CGPSA 1.3b2 on a
Win2K server.
Virtually every message with an AOL "from" user address is triggering
FAKE_HELO_AOL and NO_RDNS_DOTCOM_HELO rules. In the example that follows,
I've confirmed that forward and reverse DNS lookups for 64.12.136.4 and
imo-m01.mx.aol.com are valid. Yet, the rules are being triggered.
Any ideas or comments about this?
Regards,
Marc
Received: from imo-m01.mx.aol.com ([64.12.136.4] verified)
by xxx.com (CommuniGate Pro SMTP 4.1.8)
with ESMTP id 875522 for yyy@xxx.com; Tue, 03 Feb 2004 08:37:38 -0800
Received: from Dwsf@aol.com
by imo-m01.mx.aol.com (mail_out_v36_r4.12.) id m.b9.3bfe3305 (4116)
for <Slowhand101967@aol.com>; Tue, 3 Feb 2004 11:14:06 -0500 (EST)
From: Dwsf@aol.com
Message-ID: <b9.3bfe3305.2d5122ce@aol.com>
Date: Tue, 3 Feb 2004 11:14:06 EST
To: Slowhand101967@aol.com
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="part1_b9.3bfe3305.2d5122ce_boundary"
X-Mailer: 7.0 for Windows sub 10708
Subject: ** Possible SPAM ** DRUM WORLD NEWS 2004
Date: Tue, 3 Feb 2004 11:14:06 EST
Message-Id: <b9.3bfe3305.2d5122ce@aol.com>
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on zzz.yyy.com
X-Spam-Status: Yes, hits=11.6 required=5.0 tests=ADDR_NUMS_AT_BIGSITE=2.699,
BAYES_44=-0.001,FAKE_HELO_AOL=2.354,HTML_FONTCOLOR_BLUE=0.1,
HTML_FONTCOLOR_RED=0.101,HTML_FONT_BIG=0.267,HTML_MESSAGE=0.1,
NO_DNS_FOR_FROM=1.65,NO_RDNS_DOTCOM_HELO=4.099,NO_REAL_NAME=0.16,
RCVD_IN_SBLCSMA=0.1 autolearn=no version=2.63
X-Spam-Level: ***********
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_401FCE5A.385A0000"
X-TFF-CGPSA-Filter: Scanned
X-TFF-CGPSA-Version: 1.3b2