BOTNET_* spam score meaning
Tom Hendrikx
tom at whyscream.net
Fri Jul 28 09:33:43 CEST 2017
On 26-07-17 15:53, Phil Susi wrote:
> I've been googling for the last half hour and can not find any
> documentation that describes what these spam status scores mean. I'm
> seeing good mail flagged as spam because of this:
>
> X-Spam-Status: Yes, score=3.2 tagged_above=-999 required=3
> tests=[BOTNET_BADHELO=0.2, BOTNET_CLIENT=0.8, BOTNET_HIT=0.4,
> BOTNET_IPINHOSTNAME=0.2, CLICK1_IMEDIA=0.5,
> IMEDIA_FROM_NOT_SENDER=0.1, LOTS_OF_MONEY=0.001, RDNS_DYNAMIC=1,
> SPF_PASS=-0.001] autolearn=disabled
>
> It does appear that the sending server's reverse DNS does not match. Is
> that what is causing all of this?
>
See https://wiki.apache.org/spamassassin/CustomPlugins#Unmaintained_Plugins
(and other results from
https://www.google.com/search?q=spamassassin+botnet+plugin)
This plugin has been discussed a few times over the years on the
spamassassin list, mainly when someone ran into similar issues as yours.
It's old, unmaintained and does some risky assumptions.
Kind regards,
Tom
More information about the amavis-users
mailing list