• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

SPAM Assassin Queries

T

teknovision

Guest
Folks,

We were having some probs whereby emails from domains on our server were been tagged as spam.

I added *ourdomain1.com ourdomain2.com within the whitelist and it seems that spammers have been sending rather a lot of mails with a from address of [email protected], the message is therefore not processed by spamassassin. Any ideas on how I can stop this from happening?

Some thoughts although I don't know if this is possible adding IP address whitelist filtering? Any other ideas would be more than appreciated!!

Many thanks,

.//phil
 
I am not 100% sure what you are saying, but if I understand correctly, your server IP or reverse DNS address will have been logged on an external blacklist service such as spamhaus or spamcop. This will have happened as a result of your server being reported for spamming.

The way it works is that when your server sends an email, if it is received by a mailserver running spamassassin or similar software, the mailserver will contact the spam blacklisting services it is subscribed to and compare the mailserver address in the header of the incoming email with those on the blacklist. If there is a match the emails are dealt with as spam. Depending on the setup of the spam software the emails may be assigned a score for further processing or deleted or bounced etc etc.

To fix this you need to find out who is blacklisting you and ask for your server address to be removed. If you mention that you have located the spammer and removed all traces of their websites / mail accounts from your server, you may be in with a chance.

If this is the case, changing the spam settings on your server will make no difference at all. This is handled externally to make sure that spammers are deleted immediately.
 
Thanks for your reply EBHAUK! We are not blacklisted.

We are receiving a lot of spam which is using a domain which is hosted on our server [email protected].

In order to avoid spamming getting tagged when sending between accounts/domains on our server, we have whitlisted all the domains i.e. I have added *@hosteddomain.com to the whilist, this now means that a lot of spam is coming through untagged.

Any ideas on how to 1) not process internal emails (between domains hosted on our server) but 2) still process emails coming from the outside which are using a from address which uses one of the domains hosted on our server? Many thanks for any help!!

.//p
 
There is no one category which good messages hit consistently, a snapshot below:

No, score=-99.9 required=2.0 tests=RCVD_IN_SORBS_DUL, USER_IN_WHITELIST autolearn=no version=3.0.2
No, score=0.1 required=2.0 tests=FORGED_RCVD_HELO autolearn=failed version=3.0.2
No, score=1.2 required=2.0 tests=HTML_30_40,HTML_MESSAGE, MIME_HTML_ONLY,MSGID_FROM_MTA_HEADER autolearn=no version=3.0.2

I have noticed though that 'forged' mails often come with a reply-to adddress which is not same as sender. Is there a rule which could help here which I do not have?

Many thanks for your help!!
 
these things happens here too. I noticed your thresshold is set at 2. This is quite low, I would recommend to set it to 5.
 
You must log in or register to reply here.

Similar threads

L
Question System Emails Marked as Spam
Replies
2
Views
254
Leighton Thompson
L
W
Question Backup task notification email from PMMCli-Daemon always in Junk folder
Replies
14
Views
2K
Wolfgang Reidlinger
W
datea.services
Question Attempts to exceed outgoing limits: log of mails not sent
Replies
4
Views
511
Peter Debik
P
T
Resolved Cannot disable Spam Assassin
Replies
16
Views
2K
tollube
T
Anthonykung
Issue Server disconnect itself randomly `named[1566]: no longer listening on xxx.xxx.xxx.xxx` for over a month.
Replies
5
Views
1K
PeopleInside
PeopleInside
Back
Top