Facebook
TwitterTobias Sorensson
Basic Pleskian
- Server operating system version
- Ubuntu 22.04
- Plesk version and microupdate number
- Plesk Obsidian 18.0.75
a end user got this message from plesk
Spam detection software, running on the system "nena.webspring.se", has
identified this incoming email as possible spam. The original message has
been attached to this so you can view it or label similar future email. If
you have any questions, see the administrator of that system for details.
Content preview: This is to officially inform you that you have been
selected
to receive a grant donation from the Google Foundation. This selection
reflects
your outstanding contributions and potential for future imp [...]
Content analysis details: (9.4 points, 7.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
0.0 HTML_MESSAGE BODY: HTML included in message
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[123.136.29.18 listed in psbl.surriel.com]
1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
bl.spamcop.net
[Blocked - see
<SpamCop.net - Blocking List ( bl.spamcop.net )>]
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
DnsBlocklists - SPAMASSASSIN - Apache Software Foundation
for more information.
[URIs: royalgreen.net]
0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
DNSWL was blocked. See
DnsBlocklists - SPAMASSASSIN - Apache Software Foundation
for more information.
[123.136.29.18 listed in list.dnswl.org]
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not
necessarily
valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK
signature
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
Validity Help Center
for more information.
[123.136.29.18 listed in
sa-trusted.bondedsender.org]
0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
Validity Help Center
for more information.
[123.136.29.18 listed in
bl.score.senderscore.com]
0.1 MISSING_MID Missing Message-Id: header
2.0 MIXED_HREF_CASE Has href in mixed case
2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain
different freemails
0.0 T_FREEMAIL_DOC_PDF MS document or PDF attachment, from freemail
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus, or
confirm that your address can receive spam. If you wish to view it, it may
be safer to save it to a file and open it with an editor.
so my question is why has the end user gotten this email and why is Validity being used for spam protection?
Spam detection software, running on the system "nena.webspring.se", has
identified this incoming email as possible spam. The original message has
been attached to this so you can view it or label similar future email. If
you have any questions, see the administrator of that system for details.
Content preview: This is to officially inform you that you have been
selected
to receive a grant donation from the Google Foundation. This selection
reflects
your outstanding contributions and potential for future imp [...]
Content analysis details: (9.4 points, 7.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
0.0 HTML_MESSAGE BODY: HTML included in message
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[123.136.29.18 listed in psbl.surriel.com]
1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
bl.spamcop.net
[Blocked - see
<SpamCop.net - Blocking List ( bl.spamcop.net )>]
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
DnsBlocklists - SPAMASSASSIN - Apache Software Foundation
for more information.
[URIs: royalgreen.net]
0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
DNSWL was blocked. See
DnsBlocklists - SPAMASSASSIN - Apache Software Foundation
for more information.
[123.136.29.18 listed in list.dnswl.org]
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not
necessarily
valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK
signature
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
Validity Help Center
for more information.
[123.136.29.18 listed in
sa-trusted.bondedsender.org]
0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
Validity Help Center
for more information.
[123.136.29.18 listed in
bl.score.senderscore.com]
0.1 MISSING_MID Missing Message-Id: header
2.0 MIXED_HREF_CASE Has href in mixed case
2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain
different freemails
0.0 T_FREEMAIL_DOC_PDF MS document or PDF attachment, from freemail
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus, or
confirm that your address can receive spam. If you wish to view it, it may
be safer to save it to a file and open it with an editor.
so my question is why has the end user gotten this email and why is Validity being used for spam protection?
