Title: How to bypass spam email ? Post by: pwizard on Wednesday 03 March 2010, 08:52:08 pm I use endian 2.2 , I want to bypass email from domain @cj.net (this below) .
Please suggestion for me ? many thank. Example.. Unsolicited bulk email from: phataradanai@cj.net Subject: Read: RE: PRE ALERT APIC (H.TOW-12011693/FUJI) According to the 'Received:' trace, the message originated at: MBXVS06.cj.net [52.2.55.207] The message WILL NOT BE delivered to: <jarunee@xxxx>: 250 2.7.0 Ok, discarded, id=02184-14 - SPAM Not quarantined. SpamAssassin report: Spam detection software, running on the system "xxxxxx", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Your message was read on Thursday, March 04, 2010 3:39:43 PM (GMT+09:00) Seoul. Your message was read on Thursday, March 04, 2010 3:39:43 PM (GMT+09:00) Seoul. [...] Content analysis details: (7.4 points, 7.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.2 X_IP Message has X-IP header 3.2 FH_DATE_PAST_20XX The date is grossly in the future. -0.0 SPF_PASS SPF: sender matches SPF record 2.1 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO -0.2 BAYES_40 BODY: Bayesian spam probability is 20 to 40% [score: 0.2243] 0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME 0.0 HTML_MESSAGE BODY: HTML included in message -0.9 AWL AWL: From: address is in the auto white-list ------------------------- BEGIN HEADERS ----------------------------- Return-Path: <phataradanai@cj.net> Received: from epweb17.cj.net (epweb17.cj.net [203.248.116.52]) by xxxx (Postfix) with ESMTP id 35400C18007 for <jarunee@xxxx>; Thu, 4 Mar 2010 13:39:19 +0700 (ICT) Received: from 52.2.55.58 (52.2.55.58 [52.2.55.58]) by epweb17.cj.net (WBlock.pst 3.6.25) with ESMTP id <E917E03A5FFAB34F8F7DB1C4C05CE25292A4BDE867@MBXVS06.cj.net> for <jarunee@xxxx>; Thu, 4 Mar 2010 15:39:45 +0900 Received: from CAS05.cj.net ([52.2.55.65]) by EPWEB03.cj.net with Microsoft SMTPSVC(6.0.3790.3959); Thu, 4 Mar 2010 15:39:45 +0900 Received: from MBXVS06.cj.net ([52.2.55.207]) by CAS05.cj.net ([52.2.55.65]) with mapi; Thu, 4 Mar 2010 15:39:44 +0900 From: Phattharadanai Techa <phataradanai@cj.net> To: BS_Jarunee <jarunee@xxxx> Date: Thu, 4 Mar 2010 15:39:43 +0900 Subject: Read: RE: PRE ALERT APIC (H.TOW-12011693/FUJI) Thread-Topic: PRE ALERT APIC (H.TOW-12011693/FUJI) Thread-Index: Acq7ZCNcNXMJkqKDQj+iH11ApJIU1QAAO7pAAAAZwSE= Message-ID: <E917E03A5FFAB34F8F7DB1C4C05CE25292A4BDE867@MBXVS06.cj.net> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: Content-Type: multipart/report; boundary="_000_E917E03A5FFAB34F8F7DB1C4C05CE25292A4BDE867MBXVS06cjnet_"; report-type=disposition-notification MIME-Version: 1.0 X-OriginalArrivalTime: 04 Mar 2010 06:39:45.0176 (UTC) FILETIME=[7A51E980:01CABB65] X-IP: 52.2.55.58 X-FROM-DOMAIN: cj.net X-FROM-EMAIL: phataradanai@cj.net -------------------------- END HEADERS ------------------------------ Title: Re: How to bypass spam email ? Post by: TheEricHarris on Monday 05 April 2010, 12:46:21 am Did you figure this out?
I have tried putting domain in the sender whitelist but a specific email keeps getting tagged as spam :( Title: Re: How to bypass spam email ? Post by: TheEricHarris on Monday 05 April 2010, 05:18:50 am Found this:
http://bugs.endian.com/view.php?id=811 A solution to avoid this issue is to manually modify spamassassin configuration file. WARNING this is intended only for advanced users who know what they are doing!! The file to edit is /etc/spamassassin/local.cf.tmpl you have to append lines like this: whitelist_from *@google.com here more info about spammassassin whitelist http://wiki.apache.org/spamassassin/ManualWhitelist [^] This hack works on 2.1 and 2.2 systems, but an update may reset this configuration. I tested it with a blacklist_from testaddress@domain.com and it worked. We'll see if it works tomorrow morning... |