1 Topic by Mathys

  • Mathys
  • Member
  • Offline
  • Registered: 2024-05-04
  • Posts: 2

Topic: Spam Filtering Issue with SpamAssassin via Amavis and Dovecot Sieve

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.6.8 MARIADB edition.
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Debian 12 Lasted version
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello everyone,

I'm encountering an issue with spam filtering on my iRedMail server, where some obvious spam emails are not properly marked and filtered by SpamAssassin integrated via Amavis, despite enabling Dovecot Pigeonhole/Sieve as per the iRedMail documentation.

Technical Details:

Here are the Postfix and Amavis logs for a specific email that should have been marked as spam but was classified as CLEAN:

2024-05-04T11:03:53.140506+02:00 mail postfix/postscreen[1121363]: CONNECT from [202.3.248.222]:27520 to [46.105.75.35]:25
2024-05-04T11:03:57.261909+02:00 mail postfix/postscreen[1121363]: PASS OLD [202.3.248.222]:27520
2024-05-04T11:03:58.024339+02:00 mail postfix/smtpd[1121391]: connect from mail.brainix.pf[202.3.248.222]
2024-05-04T11:03:58.259481+02:00 mail postfix/smtpd[1121391]: discarding EHLO keywords: CHUNKING
2024-05-04T11:03:58.960191+02:00 mail postfix/smtpd[1121391]: Anonymous TLS connection established from mail.brainix.pf[202.3.248.222]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256
2024-05-04T11:03:59.194161+02:00 mail postfix/smtpd[1121391]: discarding EHLO keywords: CHUNKING
2024-05-04T11:03:59.629792+02:00 mail postfix/smtpd[1121391]: 4VWhYW4SsqzqVyB: client=mail.brainix.pf[202.3.248.222]
2024-05-04T11:03:59.871907+02:00 mail postfix/cleanup[1121407]: 4VWhYW4SsqzqVyB: message-id=<9a795f7e6aec58112fb22e84eaf94f29@apple.io>
2024-05-04T11:04:00.618355+02:00 mail postfix/qmgr[1010933]: 4VWhYW4SsqzqVyB: from=<news@apple.io>, size=157611, nrcpt=1 (queue active)
2024-05-04T11:04:00.618512+02:00 mail postfix/smtpd[1121391]: disconnect from mail.brainix.pf[202.3.248.222] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
2024-05-04T11:04:02.626916+02:00 mail postfix/10025/smtpd[1121441]: connect from localhost[127.0.0.1]
2024-05-04T11:04:02.627014+02:00 mail postfix/10025/smtpd[1121441]: discarding EHLO keywords: CHUNKING
2024-05-04T11:04:02.630655+02:00 mail postfix/10025/smtpd[1121441]: 4VWhYZ4TBRzqW7S: client=localhost[127.0.0.1]
2024-05-04T11:04:02.631388+02:00 mail postfix/cleanup[1121407]: 4VWhYZ4TBRzqW7S: message-id=<9a795f7e6aec58112fb22e84eaf94f29@apple.io>
2024-05-04T11:04:02.632426+02:00 mail postfix/10025/smtpd[1121441]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
2024-05-04T11:04:02.632608+02:00 mail postfix/qmgr[1010933]: 4VWhYZ4TBRzqW7S: from=<news@apple.io>, size=158468, nrcpt=1 (queue active)
2024-05-04T11:04:02.635777+02:00 mail amavis[1033869]: (1033869-03) Passed CLEAN {RelayedInbound}, [202.3.248.222]:27520 [202.3.248.222] ESMTP/ESMTP <news@apple.io> -> <admin@whiteprovider.com>, (ESMTPS://[202.3.248.222]:27520), Queue-ID: 4VWhYW4SsqzqVyB, Message-ID: <9a795f7e6aec58112fb22e84eaf94f29@apple.io>, mail_id: 0rhyPUBP1CrI, b: b9P8FI0Ug, Hits: 1.551, size: 157611, queued_as: 4VWhYZ4TBRzqW7S, Subject: "Félicitations ! Vous avez gagné un iPhone 12 Gratuit ! (raw: =?UTF-8?Q?F=C3=A9licitations_!_Vous_avez_gagn=C3=A9_un_iPhone_12?= =?UTF-8?Q?_Gratuit_!?=)", From: <news@apple.io>, User-Agent: Roundcube_Webmail, helo=mail.brainix.pf, Tests: [DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DMARC_NONE=0.898,SPF_HELO_NONE=0.001,SPF_NEUTRAL=0.652], autolearn=no autolearn_force=no, autolearnscore=1.551, dkim_i=@brainix.pf, dkim_sd=dkim:brainix.pf, 1996 ms
2024-05-04T11:04:02.636879+02:00 mail postfix/amavis/smtp[1121414]: 4VWhYW4SsqzqVyB: to=<admin@whiteprovider.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.2, delays=1.2/0.02/0/2, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4VWhYZ4TBRzqW7S)
2024-05-04T11:04:02.636944+02:00 mail postfix/qmgr[1010933]: 4VWhYW4SsqzqVyB: removed
2024-05-04T11:04:02.651143+02:00 mail postfix/pipe[1121442]: 4VWhYZ4TBRzqW7S: to=<admin@whiteprovider.com>, relay=dovecot, delay=0.02, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered via dovecot service)
2024-05-04T11:04:02.651219+02:00 mail postfix/qmgr[1010933]: 4VWhYZ4TBRzqW7S: removed

-----------------------

Return-Path: <news@apple.io>
Delivered-To: admin@whiteprovider.com
Received: from mail.whiteprovider.com (localhost [127.0.0.1])
    by mail.whiteprovider.com (Postfix) with ESMTP id 4VWhYZ4TBRzqW7S
    for <admin@whiteprovider.com>; Sat, 4 May 2024 11:04:02 +0200 (CEST)
X-Virus-Scanned: Debian amavis at mail.whiteprovider.com
X-Spam-Flag: NO
X-Spam-Score: 1.551
X-Spam-Level: *
X-Spam-Status: No, score=1.551 tagged_above=-100 required=4
    tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DMARC_NONE=0.898,
    SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.652] autolearn=no autolearn_force=no
Authentication-Results: mail.whiteprovider.com (amavis);
    dkim=pass (2048-bit key) header.d=brainix.pf
Received: from mail.whiteprovider.com ([127.0.0.1])
    by mail.whiteprovider.com (mail.whiteprovider.com [127.0.0.1]) (amavis, port 10024)
    with ESMTP id 0rhyPUBP1CrI for <admin@whiteprovider.com>;
    Sat, 4 May 2024 11:04:00 +0200 (CEST)
Received: from mail.brainix.pf (mail.brainix.pf [202.3.248.222])
    (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
    key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256)
    (No client certificate requested)
    by mail.whiteprovider.com (Postfix) with ESMTPS id 4VWhYW4SsqzqVyB
    for <admin@whiteprovider.com>; Sat, 4 May 2024 11:03:59 +0200 (CEST)
Received: from mail.brainix.pf (localhost [127.0.0.1])
    by mail.brainix.pf (Postfix) with ESMTP id 4VWhYN2YH2z26qng
    for <admin@whiteprovider.com>; Fri, 3 May 2024 23:03:52 -1000 (-10)
Authentication-Results: mail.brainix.pf (amavis); dkim=pass (2048-bit key)
    reason="pass (just generated, assumed good)" header.d=brainix.pf
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=brainix.pf; h=
    content-type:message-id:user-agent:subject:to:from:date
    :mime-version; s=dkim; t=1714813431; x=1717405432; bh=iTCwSTuQcP
    C9nWNP3t5jXa08eAc0c9U75/2olQCBRkQ=; b=JL3CHc0GXaPVio56lXKh1tYp8B
    3csgsOV389Zj3f92SXoeEEnwEUGMBzgIhV3i2e4C4kXVxNnzjLLjFZja631OEudV
    diQKoRHMftK4J9famm+H0B3wWI7UP2ot8UJCUV0PBfvlUCRK43J9yI4lpHYcAeCq
    jluEedG6LdFcgiHQZwGp157zGJ5YGeDvrCq7TkUzZxh4qctg1saeMEmk6Gl4Rloz
    1z91DxwfABz1becPktuS879TC0W5KpgCZPnxg/rpgDVhdcKmS/ndMMgc0n/Vll6V
    uZUH5/brndOM5oXOt1JPnTTWqHmCZdFfZlXljMnw79/crF3toFqQ/5xj87Qg==
X-Virus-Scanned: Debian amavis at mail.brainix.pf
Received: from mail.brainix.pf ([127.0.0.1])
    by mail.brainix.pf (mail.brainix.pf [127.0.0.1]) (amavis, port 10026)
    with ESMTP id ObctZ2m-glon for <admin@whiteprovider.com>;
    Fri, 3 May 2024 23:03:51 -1000 (-10)
Received: from localhost (localhost [127.0.0.1])
    by mail.brainix.pf (Postfix) with ESMTPSA id 4VWhYM2Xvfz26qgy
    for <admin@whiteprovider.com>; Fri, 3 May 2024 23:03:51 -1000 (-10)
MIME-Version: 1.0
Date: Fri, 03 May 2024 23:03:51 -1000
From: news@apple.io
To: Admin <admin@whiteprovider.com>
Subject: =?UTF-8?Q?F=C3=A9licitations_!_Vous_avez_gagn=C3=A9_un_iPhone_12?=
    =?UTF-8?Q?_Gratuit_!?=
User-Agent: Roundcube Webmail
Message-ID: <9a795f7e6aec58112fb22e84eaf94f29@apple.io>
X-Sender: news@apple.io
Content-Type: multipart/mixed;
    boundary="=_0f7e99edcd644d175e45dae0aeb6a97a"

------------------

May  4 11:14:42.707 [1125618] dbg: check: subtests=__ANY_TEXT_ATTACH,__ANY_TEXT_ATTACH_DOC,__BODY_TEXT_LINE(3),__CT,__CTE,__CT_TEXT_PLAIN,__DKIM_DEPENDABLE,__DKIM_EXISTS,__DOS_HAS_ANY_URI,__DOS_RCVD_FRI,__DOS_RCVD_SAT,__DOS_RELAYED_EXT,__ENV_AND_HDR_FROM_MATCH,__E_LIKE_LETTER(67),__GB_TO_ADDR,__HAS_ANY_URI,__HAS_DATE,__HAS_DKIM_SIGHD,__HAS_FROM,__HAS_MESSAGE_ID,__HAS_MSGID,__HAS_RCVD,__HAS_SUBJECT,__HAS_TO,__HAS_UA,__HAS_URI,__HAS_X_SENDER,__HELO_DNS,__HIGHBITS,__KAM_BODY_LENGTH_LT_1024,__LAST_EXTERNAL_RELAY_NO_AUTH,__LAST_UNTRUSTED_RELAY_NO_AUTH,__LCL__ENV_AND_HDR_FROM_MATCH,__LCL__KAM_BODY_LENGTH_LT_1024,__LOCAL_PP_NONPPURL,__LOWER_E(53),__L_BODY_8BITS,__MIME_VERSION,__MISSING_REF,__MISSING_REPLY,__MSGID_OK_HOST,__NAKED_TO,__NONEMPTY_BODY,__NOT_A_PERSON,__NOT_SPOOFED,__PDS_MSG_1024,__PDS_RDNS_MTA,__RCD_RDNS_MAIL,__RCD_RDNS_MAIL_MESSY,__SANE_MSGID,__SENDER_BOT,__SUBJECT_ENCODED_QP,__SUBJ_NOT_SHORT,__TOCC_EXISTS,__TO_NO_ARROWS_R,__TVD_MIME_ATT_TP (Total Subtest Hits: 176 / Deduplicated Total Hits: 56)
May  4 11:14:42.707 [1125618] dbg: timing: total 2375 ms - init: 475 (20.0%), parse: 1.30 (0.1%), extract_message_metadata: 7 (0.3%), tests_pri_-10000: 4.4 (0.2%), compile_gen: 62 (2.6%), get_uri_detail_list: 2.2 (0.1%), tests_pri_-2000: 2.4 (0.1%), compile_eval: 9 (0.4%), tests_pri_-1000: 2.1 (0.1%), tests_pri_-950: 1.58 (0.1%), tests_pri_-900: 1.71 (0.1%), tests_pri_-100: 1771 (74.6%), check_spf: 491 (20.7%), poll_dns_idle: 974 (41.0%), dkim_load_modules: 9 (0.4%), check_dkim_signature: 494 (20.8%), check_dkim_adsp: 18 (0.8%), tests_pri_-90: 1.82 (0.1%), tests_pri_0: 101 (4.3%), tests_pri_500: 2.1 (0.1%)
May  4 11:14:42.707 [1125618] dbg: markup: mime_encode_header: SpamAssassin 4.0.0 (2022-12-13) on
May  4 11:14:42.707 [1125618] dbg: markup: [...] \tmail.whiteprovider.com
May  4 11:14:42.707 [1125618] dbg: markup: mime_encode_header:
May  4 11:14:42.708 [1125618] dbg: markup: mime_encode_header: No, score=0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
May  4 11:14:42.708 [1125618] dbg: markup: [...] \tDMARC_NONE,SPF_HELO_NONE autolearn=no autolearn_force=no version=4.0.0
Return-Path: <news@apple.io>
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on
        mail.whiteprovider.com
X-Spam-Level:
X-Spam-Status: No, score=0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
        DMARC_NONE,SPF_HELO_NONE autolearn=no autolearn_force=no version=4.0.0
Delivered-To: admin@whiteprovider.com
Received: from mail.whiteprovider.com (localhost [127.0.0.1])
        by mail.whiteprovider.com (Postfix) with ESMTP id 4VWhVG4nnkzqW7S
        for <admin@whiteprovider.com>; Sat,  4 May 2024 11:01:10 +0200 (CEST)
X-Virus-Scanned: Debian amavis at mail.whiteprovider.com
Authentication-Results: mail.whiteprovider.com (amavis);
dkim=pass (2048-bit key) header.d=brainix.pf
Received: from mail.whiteprovider.com ([127.0.0.1])
by mail.whiteprovider.com (mail.whiteprovider.com [127.0.0.1]) (amavis, port 10024)
with ESMTP id apDiqWZZfuVk for <admin@whiteprovider.com>;
Sat,  4 May 2024 11:01:07 +0200 (CEST)
Received: from mail.brainix.pf (mail.brainix.pf [202.3.248.222])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256)
        (No client certificate requested)
        by mail.whiteprovider.com (Postfix) with ESMTPS id 4VWhVC1FQ1zqVyB
        for <admin@whiteprovider.com>; Sat,  4 May 2024 11:01:07 +0200 (CEST)
Received: from mail.brainix.pf (localhost [127.0.0.1])
        by mail.brainix.pf (Postfix) with ESMTP id 4VWhV20QM9z26qp3
        for <admin@whiteprovider.com>; Fri,  3 May 2024 23:00:58 -1000 (-10)
Authentication-Results: mail.brainix.pf (amavis); dkim=pass (2048-bit key)
reason="pass (just generated, assumed good)" header.d=brainix.pf
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=brainix.pf; h=
        content-transfer-encoding:content-type:message-id:user-agent
        :subject:to:from:date:mime-version; s=dkim; t=1714813256; x=
        1717405257; bh=t527ZwlIIEXUulZ//Q6vkcs3movJxbVIuzpLwzhJS2U=; b=B
        sC/F/QOncZfyYJQbFYTp3IlREJgUVDXCvHw9GTK/fX1swBYQ6R91nyetgrOmI/mV
        xFOjDe7KoTtNl8s4tkX63cECYM1m9H4prwT1Oi1lgrBmCvM7L96P/bjTPtwHD6uw
        wEzhR/t3K10kqfnLzUy8EOGqwXVnoAeGyHi+tW0rRfi2ipnjs3wdUY+fzHnq9u7Z
        ZXTsaBlqYyqtgsc4PqZFzMJET/HOkaINFrRFTVOwJ7fBMeMbOJOpzw8bkqleRrzL
        nhRT/P+lUO4fS45e0NJh6PXhDrrwyPA8AVEQfaMuMZ+BoY4sVeN7iW4IiL8uM+Or
        3R/4UKNPrZJ99JJJcgX9Q==
X-Virus-Scanned: Debian amavis at mail.brainix.pf
Received: from mail.brainix.pf ([127.0.0.1])
by mail.brainix.pf (mail.brainix.pf [127.0.0.1]) (amavis, port 10026)
with ESMTP id luipX2kqpHCt for <admin@whiteprovider.com>;
Fri,  3 May 2024 23:00:56 -1000 (-10)
Received: from localhost (localhost [127.0.0.1])
        by mail.brainix.pf (Postfix) with ESMTPSA id 4VWhV01v6Sz26qgy
        for <admin@whiteprovider.com>; Fri,  3 May 2024 23:00:56 -1000 (-10)
MIME-Version: 1.0
Date: Fri, 03 May 2024 23:00:56 -1000
From: news@apple.io
To: admin@whiteprovider.com
Subject: =?UTF-8?Q?F=C3=A9licitations_!_Vous_avez_gagn=C3=A9_un_iPhone_12?=
=?UTF-8?Q?_Gratuit_!?=
User-Agent: Roundcube Webmail
Message-ID: <1bebc8609a59174fd46257ef38c66c2b@apple.io>
X-Sender: news@apple.io
Content-Type: text/plain; charset=UTF-8;
format=flowed
Content-Transfer-Encoding: quoted-printable

Cher/Ch=C3=A8re Mathys,
F=C3=A9licitations ! Nous sommes ravis de vous annoncer que vous avez =C3=
=A9t=C3=A9=20
s=C3=A9lectionn=C3=A9(e) pour recevoir un tout nouveau iPhone 12 gratuite=
ment !=20
Pour r=C3=A9clamer votre prix, il vous suffit de cliquer sur le lien=20
ci-dessous et de saisir vos informations personnelles.

Cliquez ici pour r=C3=A9clamer votre cadeau : ....=
/

D=C3=A9p=C3=AAchez-vous ! L'offre expire dans 24 heures et est limit=C3=A9=
e aux 100=20
premi=C3=A8res personnes qui r=C3=A9pondent.

Cordialement,
L'=C3=A9quipe des promotions incroyables
------------------ D▒but de Rapport SpamAssassin ---------------------
Ce message est probablement du SPAM (message non sollicit▒ envoy▒ en
masse, publicit▒, escroquerie...).

Cette notice a ▒t▒ ajout▒e par le syst▒me d'analyse "SpamAssassin" sur
votre serveur de courrier "mail.whiteprovider.com", pour vous
aider ▒ identifier ce type de messages.

Le syst▒me SpamAssassin ajoute un en-t▒te "X-Spam-Flag: YES" aux
messages qu'il consid▒re comme ▒tant probablement du Spam.
Vous pouvez si vous le souhaitez utiliser cette caract▒ristique
pour r▒gler un filtre dans votre logiciel de lecture de courrier,
afin de d▒truire ou de classer ▒ part ce type de message.

Si ce robot a classifi▒ incorrectement un message qui vous ▒tait
destin▒, ou pour toute question, veuillez contacter l'administrateur
du syst▒me par e-mail ▒ @@CONTACT_ADDRESS@@ .

Voir ..... pour plus de d▒tails (en anglais).

D▒tails de l'analyse du message:   (0.9 points, 5.0 requis)
0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
0.9 DMARC_NONE             DMARC none policy

-------------------- Fin de Rapport SpamAssassin ---------------------

May  4 11:14:42.709 [1125618] dbg: plugin: Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x563784d18a38) implements 'finish_tests', priority 0
May  4 11:14:42.709 [1125618] dbg: plugin: Mail::SpamAssassin::Plugin::Check=HASH(0x5637845efd38) implements 'finish_tests', priority 0
May  4 11:14:42.719 [1125618] dbg: netset: cache trusted_networks hits/attempts: 11/12, 91.7 %

The total score assigned by SpamAssassin is 0.004, well below the threshold required to mark the email as spam. I've also enabled Sieve scripts as described in the iRedMail documentation for Dovecot, but the issue persists.

I'm seeking advice on improving spam filtering or understanding why these emails are slipping through the filters.

Thank you for any help or suggestions you may have!

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by Mathys

  • Mathys
  • Member
  • Offline
  • Registered: 2024-05-04
  • Posts: 2

Re: Spam Filtering Issue with SpamAssassin via Amavis and Dovecot Sieve

hello everyone,

i've recently made some adjustments to our spamassassin configuration to enhance spam filtering. here’s a summary of the changes i implemented:

1. **enabled bayes and certain tests while disabling razor2 and pyzor**:
   - `use_bayes_rules 1`: bayes analysis activated.
   - `skip_rbl_checks 0`: rbl checks are not skipped.
   - `use_razor2 0` and `use_pyzor 0`: disabled razor2 and pyzor to reduce external dependencies.

2. **adjusted scoring based on spf, dmarc, and dkim results**:
   - **spf**: adjusted scores to reflect confidence in spf verification results (from -0.001 for passes to 2.0 for fails).
   - **dmarc**: higher scores for dmarc failures, reflecting strict security policy (up to 3.0 for rejections).
   - **dkim**: reduced points for dkim passes and increased penalty for failures.

3. **enabled additional plugins** to improve spam detection:
   - plugins for text processing, uridnsbl link checking, and message body evaluation.

4. **specific configuration for uribl_black**:
   - `body uribl_black eval:check_uridnsbl('uribl_black')`: checks if a url is listed in the uribl blacklist.
   - `score uribl_black 3.0`: high score assigned to messages containing blacklisted urls to enhance filtering.

5. **additional configuration settings**:
   - **marking and handling spam**: mark mail as spam when score is ≥ 3.0, and block or quarantine marked spam when score is ≥ 5.0.
   - **headers**: always insert `x-spam-*` headers to ensure transparency in spam handling.

although these changes have made a slight improvement, the system still isn't as effective as i hoped. the spam filtering is slightly better, but not quite there yet. i'm open to any suggestions or tips that might help improve the effectiveness further.


#Add PERSO
use_bayes_rules 1
skip_rbl_checks 0
use_razor2 0
use_pyzor 0

# Configurer les scores pour les résultats SPF
score SPF_PASS -0.001
score SPF_FAIL 2.0
score SPF_SOFTFAIL 1.0
score SPF_NEUTRAL 0.5
score SPF_PERMERROR 2.0
score SPF_TEMPERROR 0.5

# Configurer les scores pour les résultats DMARC
score DMARC_PASS -0.001
score DMARC_FAIL 3.0
score DMARC_POLICY_NONE 0.5
score DMARC_POLICY_QUARANTINE 2.0
score DMARC_POLICY_REJECT 3.0

# Configurer les scores pour les résultats DKIM
score DKIM_PASS -0.1
score DKIM_FAIL 2.0

loadplugin Mail::SpamAssassin::Plugin::TextCat
loadplugin Mail::SpamAssassin::Plugin::URIDNSBL
loadplugin Mail::SpamAssassin::Plugin::BodyEval

body URIBL_BLACK eval:check_uridnsbl('URIBL_BLACK')
describe URIBL_BLACK Contains an URL listed in the URIBL blacklist
tflags URIBL_BLACK net
score URIBL_BLACK 3.0

feel free to share your feedback!

Post's attachments

local.cf 6.88 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.