Scoring .co.uk emails higher due to poor registry security.

Questions and answers about how to do stuff
Post Reply
mikemachin
Posts: 33
Joined: 29 Aug 2014 11:27

Scoring .co.uk emails higher due to poor registry security.

Post by mikemachin » 29 Sep 2014 15:49

I see this in my spam assassin reports - we are a .co.uk company - how would we go about improving this?

Sorry for all the questions lately

b19wll
Posts: 58
Joined: 22 Nov 2012 09:55

Re: Scoring .co.uk emails higher due to poor registry securi

Post by b19wll » 19 Nov 2014 12:23

Hi Mike

did you get to the bottom of this?


Will

User avatar
shawniverson
Posts: 3445
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Scoring .co.uk emails higher due to poor registry securi

Post by shawniverson » 22 Nov 2014 17:00

This rule is being triggered in KAM.cf...

You can do the following to resolve this...

Overrride the rule in local.cf. Place the following code at the end of local.cf (/etc/mail/spamassassin/local.cf)

Code: Select all

header          KAM_COUK        From =~ /\@.{1,30}\.co\.uk/i
describe        KAM_COUK       Ignore scoring of co.uk rule
score           KAM_COUK        0
Doing this should override the KAM.cf rule permanently, since KAM.cf updates daily.

floppyfringe
Posts: 2
Joined: 28 Oct 2015 15:49

Re: Scoring .co.uk emails higher due to poor registry security.

Post by floppyfringe » 28 Oct 2015 16:10

I've only just become aware of this rule, we registered a new .UK domain and sent our mailing list using the new domain, triggering rule KAM_COUK and URIBL_RHS_DOB, we wanted to receive any bounces and pipe responses to ticket software.

We use Mailchimp/Mandrill to send the messages, so we got a grey and gold hit :o We had a shed load of bounces :o

So using a system to figure out which email addresses bounce and using a decent SMTP system, we've pretty much needed another spam assassin rule and the newsletter email got bounced.

I also don't know why there is a rule for KAM_COUK because Nominet have checked a registrants name and address for quite a while, checking the BBC (TV station in the UK) (link: http://www.nominet.uk/whois/?query=bbc. ... is-results) you see that Nominet verified the name and postal address of the registrant, our domain also shows Nominet verified our name and address.

ITV.co.uk was verified in 2012 so, WTF is going on? http://www.nominet.uk/whois/?query=itv. ... is-results

An advert for a football club has just appeared on the TV, mcfc.co.uk which is the official site for Manchester City FC, also was verified in 2012.

So why the frig does the rule KAM_COUK exist, especially as Nominet does verify a registrants name and address, which as far as I know, is more verification than a .com, .org or .net domain. We can't register the .com version of our name as a cyber squatter has it and wants a few thousand dollars for it.

Thanks :o(

User avatar
shawniverson
Posts: 3445
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Scoring .co.uk emails higher due to poor registry security.

Post by shawniverson » 31 Oct 2015 12:36

I am not the maintainer of KAM.cf, although it is part of EFA.
#KAM.cf - SpamAssassin Rules
#
#Author: Kevin A. McGrail with significant contributions from Joe Quinn
#
#Email: Kevin.McGrail@McGrail.com - NOTE: Questions about spam are best submitted
# at https://raptor.pccc.com/raptor.cgim?tem ... _problem$a
#
#HomePage: http://www.pccc.com/downloads/SpamAssas ... rib/KAM.cf

floppyfringe
Posts: 2
Joined: 28 Oct 2015 15:49

Re: Scoring .co.uk emails higher due to poor registry security.

Post by floppyfringe » 05 Nov 2015 03:30

Could you provide any information for the organization that has created this rule and is causing problems.

It seems rich that you can use whois privacy services on .com, .org and .nets and not with .UK domains (ok you can hide your home address if it's a personal and non-business domain).

Nominet has verified me and my domains and am confused why such a rule was needed.

Thanks

Post Reply