[ic] List messages going to SPAM
Peter
peter at pajamian.dhs.org
Sat Nov 30 03:30:37 UTC 2024
Messages from this list are going to SPAM for me as classified by
SpamAssassin:
Two issues:
1. The interchangecommerce.org MX server is listed in the Spamhaus CSS
list and it's appearance in the Received headers adds significantly to
the SPAM score:
> * 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS
> * [2600:3c00:0:0:f03c:92ff:fe79:d725 listed in]
> [zen.spamhaus.org]
The offending Received header follows:
> Received: from mx.endcrypt.com (ln125.epinfra.net
> [IPv6:2600:3c00::f03c:92ff:fe79:d725])
> by rn1.interchangecommerce.org (Postfix) with ESMTPS id DAC294BABA
> for <interchange-users at interchangecommerce.org>;
> Fri, 29 Nov 2024 14:57:24 +0000 (UTC)
mx.endcrypt.com is one of two listed MX servers for interchangecommerce.org:
> interchangecommerce.org. 300 IN MX 1 mx.endcrypt.com.
> interchangecommerce.org. 300 IN MX 1 mx2.endcrypt.com.
2. Message content is being flagged as SPAM by razor2
> * 1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
> * 2.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
> * [cf: 100]
Additional notes which are probably relevant:
Nearly the entire recent thread with the subject, "sdbm (and maybe
locale)" has been flagged. One message in this thread got through which
still failed razor2 but not SBL-CSS. I believe this is because the
mx.endcrypt.com connection on that message was an IPv4 connection
[45.79.49.15] instead of the IPv6 connection from the other messages.
The next newest thread on the list had the subject "Authorize.net SSL
Certificate Migration" and had a SPAM score of just 0.5 with none of the
above issues. It is using the IPv4 connection. though. It also does
not fail razor2, but I might not have had razor2 enabled in SpamAssassin
at the time, though, so I can't say for sure if it would have passed or
failed.
If I go back to the previous thread in January ("Problem with Tags") it
uses the IPv6 address and also fails the SBL-CSS test, so that issue has
been around for a while.
I also can't say if the current thread failing razor2 is a general
failure for the list (such as razor2 rejecting domain names in the list
footer) or if it's due to some content specifically in that thread. If
I could see recent messages from other threads (such as a response to
this one) it will give me a better idea, but there hasn't been enough
traffic to be able to tell otherwise. That said, I just requested a
password reminder from the list and the resulting message failed the
razor2 check, so that leads me to believe that it is a problem with a
domain name in the list footer which is also in the content of the
password reminder.
I can whitelist messages to this list so I don't have to dig through my
Spam folder to find them, but I'd rather see if we can resolve the issue
at the source first. A good first step would be to try to delist the
IPv6 IP for mx.endcrypt.com from the Spamhaus SBL-CSS, that in itself
would be enough, but it would be helpful to also try to determine where
the razor2 issue is coming from.
Peter
More information about the interchange-users
mailing list