We are rolling out 3.0.1.1 but have had reports back from a few of our customers that they are seeing more spam delivered as clean email since the update.
During the same period, those of our customers on 3.0.0.9 are not seeing this growth. So it is not a matter of there being more in the wild.
I wondered if anyone else was seeing this trend? Or has something changed to lower the Spam Assassin score?
Observations welcomed
Increase in the level of spam
Re: Increase in the level of spam
Without knowing what's getting through that wouldn't have gotten through before, it's hard to say.
Can you tell her if the postfix RBL checks are still working correctly?
Can you tell her if the postfix RBL checks are still working correctly?
Re: Increase in the level of spam
Yes I've installed logwatch on a couple of sites and all the mechanisms are functioning. Those coming through have 0 spam assassin rating and in general there is two to three times the amount arriving in inboxes.
I have now set "Reject clients with no reverse hostname" in "SMTP Client Restrictions" to see if that helps.
I have now set "Reject clients with no reverse hostname" in "SMTP Client Restrictions" to see if that helps.
Re: Increase in the level of spam
What do you mean, 0 spamassassin rating?
Can you share any of the spam reports?
Can you share any of the spam reports?
Re: Increase in the level of spam
I mean, as an example, that Spamassassin gave a score of zero in all categories, yet the email was still considered as unsolicited as far as the end user was concerned. Prior to this it had obviously not been rejected by RBL.pdwalker wrote:What do you mean, 0 spamassassin rating?
Can you share any of the spam reports?
-
shawniverson
- Posts: 3783
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Increase in the level of spam
I don't quite see how that is possible...
3.0.0.9 and 3.0.1.1 are functionally identical. 3.0.1.0 and 3.0.1.1 are mainly security fixes to MailWatch
Issue #201 Bug - Deprecated release-msg.cgi (deployed)
Issue #253 Bug - EFA-Backup ssl folder (deployed)
Issue #260 Bug - Header in Apache Settings wrong (deployed)
Issue #261 Bug - learn-msg.cgi wrong path for sa-learn (deployed)
Issue #273 Security - MailWatch Configuration Vulnerability
Issue #274 Bug - Broken menu options in 3.0.1.0
Issue #201 Bug - Deprecated release-msg.cgi
Issue #236 Enhancement - Disable spam not delivered messages by default
Issue #253 Bug - EFA-Backup ssl folder
Issue #260 Bug - Header in Apache Settings wrong
Issue #261 Bug - learn-msg.cgi wrong path for sa-learn
Issue #262 Bug - MS_LOGO and MW_LOGO Definitions Needed
Issue #268 Enhancement - EFA-Init link test without DHCP dependency
Issue #269 Bug - SQL error during rename of host name in EFA-Configure
PR #270 Bug - Typo in RELEASENOTES
Issue #272 Security - MailWatch Vulnerability
I would verify that your RBL lookups are functioning properly and that SA is functioning properly.
3.0.0.9 and 3.0.1.1 are functionally identical. 3.0.1.0 and 3.0.1.1 are mainly security fixes to MailWatch
Issue #201 Bug - Deprecated release-msg.cgi (deployed)
Issue #253 Bug - EFA-Backup ssl folder (deployed)
Issue #260 Bug - Header in Apache Settings wrong (deployed)
Issue #261 Bug - learn-msg.cgi wrong path for sa-learn (deployed)
Issue #273 Security - MailWatch Configuration Vulnerability
Issue #274 Bug - Broken menu options in 3.0.1.0
Issue #201 Bug - Deprecated release-msg.cgi
Issue #236 Enhancement - Disable spam not delivered messages by default
Issue #253 Bug - EFA-Backup ssl folder
Issue #260 Bug - Header in Apache Settings wrong
Issue #261 Bug - learn-msg.cgi wrong path for sa-learn
Issue #262 Bug - MS_LOGO and MW_LOGO Definitions Needed
Issue #268 Enhancement - EFA-Init link test without DHCP dependency
Issue #269 Bug - SQL error during rename of host name in EFA-Configure
PR #270 Bug - Typo in RELEASENOTES
Issue #272 Security - MailWatch Vulnerability
I would verify that your RBL lookups are functioning properly and that SA is functioning properly.
Re: Increase in the level of spam
Thanks Shawn, that was the information I was after. This is often a "feeling" or perception on the part of the user and next to impossible to measure. I just needed to be sure that nothing had changed technically.
It is very difficult to judge from looking at some emails by content, if they are unsolicited or not, even manually. They often appear ok but contain a suspicious URL. So even though it gets through the spam filter, it is still covered by the phishing filter.
It is very difficult to judge from looking at some emails by content, if they are unsolicited or not, even manually. They often appear ok but contain a suspicious URL. So even though it gets through the spam filter, it is still covered by the phishing filter.