FREEMAIL_FORGED_REPLYTO

Questions and answers about how to do stuff
Post Reply
twstevensuk
Posts: 2
Joined: 09 Sep 2015 18:13

FREEMAIL_FORGED_REPLYTO

Post by twstevensuk » 09 Sep 2015 18:15

Where can i change this? i have checked in Kam.cf but cannot find it in their?

i can see the score is 2.0 and need to increase this

User avatar
pdwalker
Posts: 1137
Joined: 18 Mar 2015 09:16

Re: FREEMAIL_FORGED_REPLYTO

Post by pdwalker » 09 Sep 2015 19:31

Code: Select all

[root@efa ~]# cd /var/lib/spamassassin/
[root@efa spamassassin]# grep -R FREEMAIL_FORGED_REPLYTO *
3.004000/updates_spamassassin_org/30_text_pt_br.cf:lang pt_BR describe FREEMAIL_FORGED_REPLYTO Email gratuito usado no Reply-To, mas n▒o no From:
3.004000/updates_spamassassin_org/50_scores.cf:score FREEMAIL_FORGED_REPLYTO 1.199 2.503 1.204 2.095
3.004000/updates_spamassassin_org/20_freemail.cf:meta     FREEMAIL_FORGED_REPLYTO  __freemail_hdr_replyto && !FREEMAIL_FROM && !__freemail_safe
3.004000/updates_spamassassin_org/20_freemail.cf:describe FREEMAIL_FORGED_REPLYTO  Freemail in Reply-To, but not From
3.004000/updates_spamassassin_org/20_freemail.cf:score    FREEMAIL_FORGED_REPLYTO  0.1
So that's where the rule is, now what does it mean and how do you change it?

Customizing spamassassin scores

I don't know what the line from 50_scores.cf means. Perhaps someone else can explain what the 4 numbers are for. Otherwise, I'd just try modifing the local.cf to adjust the FREEMAIL_FORGED_REPLYTO spamassassin score.

Good luck!

twstevensuk
Posts: 2
Joined: 09 Sep 2015 18:13

Re: FREEMAIL_FORGED_REPLYTO

Post by twstevensuk » 10 Sep 2015 12:09

Thanks, The issue is that i cannot see this option in /etc/mail/spamassain/local.cf ?
Below is my local.cf file
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# Only a small subset of options are listed below
#
###########################################################################

# Add *****SPAM***** to the Subject header of spam e-mails
#
# rewrite_header Subject *****SPAM*****


# Save spam messages as a message/rfc822 MIME attachment instead of
# modifying the original message (0: off, 2: use text/plain instead)
#
# report_safe 1


# Set which networks or hosts are considered 'trusted' by your mail
# server (i.e. not spammers)
#
# trusted_networks 212.17.35.


# Set file-locking method (flock is not safe over NFS, but is faster)
#
# lock_method flock


# Set the threshold at which a message is considered spam (default: 5.0)
#
# required_score 5.0


# Use Bayesian classifier (default: 1)
#
# use_bayes 1


# Bayesian classifier auto-learning (default: 1)
#
# bayes_auto_learn 1


# Set headers which may provide inappropriate cues to the Bayesian
# classifier
#
# bayes_ignore_header X-Bogosity
# bayes_ignore_header X-Spam-Flag
# bayes_ignore_header X-Spam-Status


# Some shortcircuiting, if the plugin is enabled
#
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
# default: strongly-whitelisted mails are *really* whitelisted now, if the
# shortcircuiting plugin is active, causing early exit to save CPU load.
# Uncomment to turn this on
#
# shortcircuit USER_IN_WHITELIST on
# shortcircuit USER_IN_DEF_WHITELIST on
# shortcircuit USER_IN_ALL_SPAM_TO on
# shortcircuit SUBJECT_IN_WHITELIST on

# the opposite; blacklisted mails can also save CPU
#
# shortcircuit USER_IN_BLACKLIST on
# shortcircuit USER_IN_BLACKLIST_TO on
# shortcircuit SUBJECT_IN_BLACKLIST on

# if you have taken the time to correctly specify your "trusted_networks",
# this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED on

# and a well-trained bayes DB can save running rules, too
#
# shortcircuit BAYES_99 spam
# shortcircuit BAYES_00 ham

endif # Mail::SpamAssassin::Plugin::Shortcircuit

User avatar
pdwalker
Posts: 1137
Joined: 18 Mar 2015 09:16

Re: FREEMAIL_FORGED_REPLYTO

Post by pdwalker » 10 Sep 2015 12:31

Because you have to add it into your local.cf file yourself.

Code: Select all

score FREEMAIL_FORGED_REPLYTO 4.0
You can score it more or less according to your preference.

Qlink
Posts: 13
Joined: 25 Dec 2016 23:43

Re: FREEMAIL_FORGED_REPLYTO

Post by Qlink » 16 Jul 2019 10:09

hi guys,

i've also tried to raise the score for FREEMAIL_FORGED_REPLYTO, but it seems like it doesn't work.
EFA still uses the old score.

i've added the line at the end in /etc/mail/spamassain/local.cf:

Code: Select all

# required_score 5.0


#   Use Bayesian classifier (default: 1)
#
# use_bayes 1


#   Bayesian classifier auto-learning (default: 1)
#
# bayes_auto_learn 1


#   Set headers which may provide inappropriate cues to the Bayesian
#   classifier
#
# bayes_ignore_header X-Bogosity
# bayes_ignore_header X-Spam-Flag
# bayes_ignore_header X-Spam-Status


#   Whether to decode non- UTF-8 and non-ASCII textual parts and recode
#   them to UTF-8 before the text is given over to rules processing.
#
# normalize_charset 1

#   Some shortcircuiting, if the plugin is enabled
#
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
#   default: strongly-whitelisted mails are *really* whitelisted now, if the
#   shortcircuiting plugin is active, causing early exit to save CPU load.
#   Uncomment to turn this on
#
# shortcircuit USER_IN_WHITELIST       on
# shortcircuit USER_IN_DEF_WHITELIST   on
# shortcircuit USER_IN_ALL_SPAM_TO     on
# shortcircuit SUBJECT_IN_WHITELIST    on

#   the opposite; blacklisted mails can also save CPU
#
# shortcircuit USER_IN_BLACKLIST       on
# shortcircuit USER_IN_BLACKLIST_TO    on
# shortcircuit SUBJECT_IN_BLACKLIST    on

#   if you have taken the time to correctly specify your "trusted_networks",
#   this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED             on

#   and a well-trained bayes DB can save running rules, too
#
# shortcircuit BAYES_99                spam
# shortcircuit BAYES_00                ham

score FREEMAIL_FORGED_REPLYTO 4.0

endif # Mail::SpamAssassin::Plugin::Shortcircuit
  
but efa still uses 2.10 score:

Code: Select all

Spam Report:	
Score	Matching Rule	Description
-7.61	AWL	Adjusted score from AWL reputation of From: address
0.80	BAYES_50	Bayes spam probability is 40 to 60%
2.10	FREEMAIL_FORGED_REPLYTO	Freemail in Reply-To, but not From
1.00	HK_RANDOM_REPLYTO	 
16.00	KAM_SEX_EXPLICIT	Subject or body indicates Sexually Explicit material
0.00	SPF_FAIL	SPF: sender does not match SPF record (fail)
0.00	SPF_HELO_NONE	SPF: HELO does not publish an SPF Record
am i doing something wrong ?

Qlink
Posts: 13
Joined: 25 Dec 2016 23:43

Re: FREEMAIL_FORGED_REPLYTO

Post by Qlink » 26 Jul 2019 10:47

no one here who can help me in this case ?

a lot of spam mails with FREEMAIL_FORGED_REPLYTO are getting through EFA because of this non working rule :(

thanks in advance

henk
Posts: 383
Joined: 14 Dec 2015 22:16
Location: Netherlands
Contact:

Re: FREEMAIL_FORGED_REPLYTO

Post by henk » 27 Jul 2019 10:15

Code: Select all

# shortcircuit BAYES_00                ham

score FREEMAIL_FORGED_REPLYTO 4.0      <<<  move this line outside of the if/endif blocks as you created a dependency on the Shortcircuit plugin

endif # Mail::SpamAssassin::Plugin::Shortcircuit
To Check if the Shortcircuit plugin is active or not

Code: Select all

/etc/mail/spamassassin/v320.pre
Remove the '#' if you want to activate the plugin

Post Reply