Spamassassin False Positive - FORGED_HOTMAIL_RCVD

A

ak17_hk

Verified User
Joined
Nov 7, 2006
Messages
77
I'm setting up a new server with Directadmin, which has Spamblocker V3 + ClamAV + Spamassassin installed. However, when I do a test by sending an email from Hotmail to an email hosted on the server, the email got detected as spam, one of those rules is that it says this email is forged Hotmail. I sent the email directly on Hotmail site, so you can imagine this is not true at all. Is there some false positive with spamassassin? Or is there some settings that I missed? Anyone got an idea? Please help! :confused:

2.2 FORGED_HOTMAIL_RCVD Forged hotmail.com 'Received:' header found
 
If you can tell us how HotMail identified the server we can figure out if any of their servers are missing.

However the next version SpamBlocker (there may be a beta2) won't do the FORGED MAIL CHECKS at all. So you might want to search for the term in bold in your exim.conf file, and remove all the checks in that section, and restart exim.

Why? Too many people have been getting to many false positives they've been having to whitelist. Best we don't add these checks but merely document them for people who want to add them.

Jeff
 
jlasman said:
If you can tell us how HotMail identified the server we can figure out if any of their servers are missing.

However the next version SpamBlocker (there may be a beta2) won't do the FORGED MAIL CHECKS at all. So you might want to search for the term in bold in your exim.conf file, and remove all the checks in that section, and restart exim.

Why? Too many people have been getting to many false positives they've been having to whitelist. Best we don't add these checks but merely document them for people who want to add them.

Jeff
Click to expand...


Hi Jeff,

Thanks for the reply. Unfortunately, it's not anything to do with SpamBlocker (exim.conf) as I've already commented those lines in the file. I think it's spamassassin itself that is doing the trick, but makes it a headache of how to handle and dig out the problem. Do you have any idea or experience on this? Thanks for sharing! :)
 
You can find the FORGED_HOTMAIL_RCVD rule in SpamAssassin (search these forums and/or the SpamAssassin site for where to find SpamAssassin rules) and remove them.

Jeff
 
jlasman said:
You can find the FORGED_HOTMAIL_RCVD rule in SpamAssassin (search these forums and/or the SpamAssassin site for where to find SpamAssassin rules) and remove them.

Jeff
Click to expand...


But is there any fix or have you heard of any? Simply removing it is a quick solution, but then it opens a gap for the real forged ones... :(
 
Yes, you can always fix the rule and offer it back to the community; that's what open source is all about ;) .

Jeff
 
You must log in or register to reply here.
Back
Top