header SWS_AUTH Received =~ /Authenticated sender/ describe SWS_AUTH Mail from local SASL is good score SWS_AUTH -10 I have the above in my SA local.conf file. Received: from liv (unknown [x.x.x.x]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: russell@coker.com.au) by smtp.sws.net.au (Postfix) with ESMTPSA id 4BB77F173 for <russell@coker.com.au>; Tue, 14 Apr 2020 13:53:41 +1000 (AEST) [...] X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED=0.1, DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1,DKIM_VALID_EF=-0.1, UNPARSEABLE_RELAY=0.001 autolearn=disabled version=3.4.2 Above are the relevant headers of a message coming through. Why am I not getting a -10 added to the score? Thanks. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/
Hi Russell, On 14/4/20 1:55 pm, Russell Coker via luv-main wrote:
header SWS_AUTH Received =~ /Authenticated sender/ describe SWS_AUTH Mail from local SASL is good score SWS_AUTH -10
I believe that you are making the email received as being assessed with a "-10" to the score, depending on other assessment. I have the following for penalizing bad SPF results: header _Received_SPF Received-SPF =~ /permerror/ score _Received_SPF 50 header _Received_SPF Received-SPF =~ /error/ score _Received_SPF 100 What that does is force higher spam scores by adding either 50 or 100 to the assessment; it doesn't set the overall score, but only effects the overall score. Cheers A.
On Tue, Apr 14, 2020 at 01:55:42PM +1000, Russell Coker wrote:
header SWS_AUTH Received =~ /Authenticated sender/ describe SWS_AUTH Mail from local SASL is good score SWS_AUTH -10
I have the above in my SA local.conf file.
Received: from liv (unknown [x.x.x.x]) [...] (Authenticated sender: russell@coker.com.au) by smtp.sws.net.au (Postfix) with ESMTPSA id 4BB77F173 [...] X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED=0.1, DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1,DKIM_VALID_EF=-0.1, UNPARSEABLE_RELAY=0.001 autolearn=disabled version=3.4.2
Above are the relevant headers of a message coming through. Why am I not getting a -10 added to the score?
This section of Mail::SpamAssassin::Conf(3pm) might be relevant: header SYMBOLIC_TEST_NAME header op /pattern/modifiers [if-unset: STRING] . . . If the header specified matches multiple headers, their text will be concatenated with embedded \n's. Therefore you may wish to use "/m" if you use "^" or "$" in your regular expression. There's almost always multiple Received: headers in a message, and they're often multi-line strings so, even though you're not using ^ or $ anchors in the pattern, it might be worth trying: header SWS_AUTH Received =~ /Authenticated sender/m BTW, I have several very similar rules in my local.conf, but matching Subject: and other headers - none for a Received: header. They work just fine. PS: did you reload amavisd, spamc, spampd, or whatever spamassassin daemon you use AFTER you changed the local.conf file? Changes don't take effect until they're loaded in and the regexps compiled. craig
participants (3)
-
Andrew McGlashan -
Craig Sanders -
Russell Coker