spamassassin-users December 2011 archive
Main Archive Page > Month Archives  > spamassassin-users archives
spamassassin-users: Re: trusted-relay

Re: trusted-relay

From: <darxus_at_nospam>
Date: Wed Dec 21 2011 - 18:19:52 GMT
To: users@spamassassin.apache.org

On 12/21, Jan Agermose wrote:
> Ive not checked what other mail we are scanning that also hits this and
> related rules: RP_MATCHES_RCVD - but when ever I actually do get spam on
> my own mailaccount its always casino mail and always getting marked as
> non-spam because of rules like this one and others that seams related
> saying that the mail is trusted because of sender server/relay host.
>
>
>
> to me that sounds strange. How can all my spam come from hosts that
> spamassassin thinks are nice hosts :) ?

The description of RP_MATCHES_RCVD isn't the clearest, or at least not most
consistent with wording used elsewhere in SA. It looks like that rule
means that the "envelope from" (which is where the remote SMTP server
says the email is from, not the From: header, and generally not included
in mail headers) matches the domain of the "last untrusted relay".

But your question may actually be a very good one, which might, in the
end, come down to: Why isn't RP_MATCHES_RCVD flagged as mutable and
having optimal scores generated based on masscheck data?

Its rank, and S/O, are not particularly impressive:
http://ruleqa.spamassassin.org/?daterev=20111217&rule=RP_MATCHES_RCVD

Also, as others have hinted at, you probably shouldn't use the words
"trusted relay" unless you're specifically referring to the SA setting
trusted_networks. That term has a specific meaning, and using it when
talking about something else is confusing.

-- "He who dies with the most toys... still dies." - No Fear http://www.ChaosReigns.com