I currently have some ossues with spam getting through:
Someone sends an email, which tries to show itself as office@domain.nl
Code: Select all
X-Greylist: whitelisted by SQLgrey-1.8.0
Received: from dnvrco-oedge-vip.email.rr.com (dnvrco-outbound-snat.email.rr.com [107.14.73.231])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by mx01.bodis.nl (Postfix) with ESMTPS id 8539C120181
for <dijkman@domain.nl>; Wed, 19 Oct 2016 17:32:12 +0200 (CEST)
Received: from [24.219.76.69] ([24.219.76.69:34584] helo=pyxihad)
by dnvrco-omsmta01 (envelope-from <botanicbarn@nycap.rr.com>)
(ecelerity 3.6.9.48312 r(Core:3.6.9.0)) with ESMTP
id FC/7E-11795-5F197085; Wed, 19 Oct 2016 15:32:10 +0000
Message-ID: <0CC344E8960B1844245C05A9D3BF8886@pyxihad>
From: "office" <office@domain.nl>
To: <dijkman@domain.nl>
Subject: parking ticket
Date: Wed, 19 Oct 2016 16:29:16 -0700
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0003_01D22A35.4511BF70"
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Unsent: 1
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3528.331
X-RR-Connecting-IP: 107.14.64.6:2525
Pretends to be: office@domain.nl
For some reason it does not get marked as spam, scores are:
Code: Select all
Spamassassin Score: 3.85
Spam Report:
-0.00 BAYES_40
1.95 DATE_IN_FUTURE_06_12
1.10 DCC_CHECK
0.00 HEADER_FROM_DIFFERENT_DOMAINS
1.35 RCVD_IN_BL_SPAMCOP_NET
-0.00 RCVD_IN_DNSWL_NONE
-0.55 RP_MATCHES_RCVD
-0.00 SPF_PASS
Any idea to prefect this kind of nonsense, before one of my clients get infected?
Running 3.0.1.1 at the moment