[Rspamd-Users] spam passed with very high score

Marc Risse marc at risse.email
Mon Dec 3 07:50:04 UTC 2018


Hi list,

I just received an email with a score of 53 but rspamd should block at 
10. There are a lot of emails which were blocked at >=10 points. 
Everything seems to work, but not with this email. How can I debug this 
situation? Here is the header:

Return-Path: <EdwardBailey at myrepublic.co.id>
X-Original-To: marc at marc-risse.de
Delivered-To: marc at risse.email
Received: from localhost (localhost.localdomain [127.0.0.1])
     by relay.stormdesignz5.de (Postfix) with ESMTP id 18B557BFB1
     for <marc at marc-risse.de>; Mon, 3 Dec 2018 03:26:39 +0100 (CET)
X-Virus-Scanned: by amavisd-new-2.10.1 (20141025) (Linux) at
     relay.stormdesignz5.de
Received: from host-158.140.184-159.myrepublic.co.id (unknown [110.50.85.162])
     by relay.stormdesignz5.de (Postfix) with SMTP id A03E77BDDC
     for <marc at marc-risse.de>; Mon, 3 Dec 2018 03:26:30 +0100 (CET)
Received: from unknown (59.232.178.208)
     by mtu67.syds.piswix.net with NNFMP; Mon, 03 Dec 2018 02:08:56 -0800
Received: from mtu23.bigping.com ([61.59.214.6]) by public.micromail.com.au with NNFMP; Mon, 03 Dec 2018 01:49:47 -0800
Received: from unknown (HELO smtp.endend.nl) (Mon, 03 Dec 2018 01:47:40 -0800)
     by rsmail.alkoholic.net with LOCAL; Mon, 03 Dec 2018 01:47:40 -0800
Message-ID: <B5A780B7.B559F872 at myrepublic.co.id>
Date: Mon, 03 Dec 2018 01:47:40 -0800
Reply-To: "Laura" <EdwardBailey at myrepublic.co.id>
From: "Laura" <EdwardBailey at myrepublic.co.id>
MIME-Version: 1.0
To: "Laura" <marc at marc-risse.de>
Subject: Wenn du Zeit fur mich hast, schreib mir jetzt.
Content-Type: text/html;
     charset="iso-8859-1"
Content-Transfer-Encoding: base64
X-Spamd-Bar: +++++++++++++++++++++++++++++++++++++++++++++++++++++
X-Rspamd-Server: relay
X-Spamd-Result: default: False [53.80 / 10.00];
     HAS_REPLYTO(0.00)[EdwardBailey at myrepublic.co.id];
     SPF_FAIL_NO_DKIM(6.00)[];
     RBL_DRONEBL_SocksProxy(1.00)[162.85.50.110.dnsbl.dronebl.org : 127.0.0.8];
     RBL_SPAMHAUS_XBL(4.00)[162.85.50.110.zen.spamhaus.org : 127.0.0.4];
     RBL_SPAMHAUS_CSS(2.00)[162.85.50.110.zen.spamhaus.org : 127.0.0.3];
     DATE_IN_FUTURE(4.00)[];
     RCVD_COUNT_THREE(0.00)[4];
     TO_DN_ALL(0.00)[];
     MX_GOOD(-0.10)[alt1.aspmx.l.google.com,alt4.aspmx.l.google.com,alt3.aspmx.l.google.com,alt2.aspmx.l.google.com,aspmx.l.google.com];
     SEM_URIBL(3.50)[helgahanna.su.uribl.spameatingmonkey.net];
     HFILTER_HELO_2(1.00)[host-158.140.184-159.myrepublic.co.id];
     MIME_BASE64_TEXT(0.10)[];
     RCVD_NO_TLS_LAST(0.10)[];
     FROM_EQ_ENVFROM(0.00)[];
     R_DKIM_NA(0.00)[];
     JP_SURBL_MULTI(1.00)[helgahanna.su.multi.surbl.org];
     ASN(0.00)[asn:17670, ipnet:110.50.85.0/24, country:ID];
     MID_RHS_MATCH_FROM(0.00)[];
     RSPAMD_URIBL(3.50)[helgahanna.su];
     ABUSE_SURBL(5.50)[helgahanna.su.multi.surbl.org];
     R_SPF_FAIL(0.00)[-all];
     URIBL_BLOCKED(0.00)[helgahanna.su.multi.uribl.com];
     RBL_NIXSPAM(4.00)[162.85.50.110.ix.dnsbl.manitu.net];
     FROM_HAS_DN(0.00)[];
     ARC_NA(0.00)[];
     TO_MATCH_ENVRCPT_ALL(0.00)[];
     DMARC_POLICY_QUARANTINE(0.00)[myrepublic.co.id : No valid SPF, No valid DKIM,quarantine];
     RBL_BLOCKLISTDE(4.00)[162.85.50.110.bl.blocklist.de];
     RCPT_COUNT_ONE(0.00)[1];
     REPLYTO_EQ_FROM(0.00)[];
     RBL_VIRUSFREE_BOTNET(2.00)[162.85.50.110.bip.virusfree.cz : 127.0.0.2];
     URIBL_SBL(0.00)[helgahanna.su];
     MIME_HTML_ONLY(0.20)[];
     IP_SCORE(2.00)[ipnet: 110.50.85.0/24(7.82), asn: 17670(1.97), country: ID(1.98)];
     RBL_SENDERSCORE(2.00)[162.85.50.110.bl.score.senderscore.com];
     HFILTER_HOSTNAME_UNKNOWN(4.50)[];
     RBL_SPAMHAUS_PBL(2.00)[162.85.50.110.zen.spamhaus.org : 127.0.0.11];
     SIT_FUCKED_MAIL(1.50)[__BODY_FUCK]
X-Rspamd-Queue-Id: A03E77BDDC
X-Spam-Flag: YES
X-Spam: Yes
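
One way to triage a header like the one above, as an added example that is not part of the original post or of rspamd: it parses X-Spamd-Result, checks that the symbol weights add up to the reported score, and compares the score with the threshold and the X-Spam-Flag header. The names `triage` and `SAMPLE` are hypothetical, and the sample header is constructed.

```python
import re

# Constructed sample in the same layout as an X-Spamd-Result header, including a
# wrapped option line; addresses and domains are documentation values.
SAMPLE = """\
X-Spamd-Result: default: False [18.40 / 10.00];
     SPF_FAIL_NO_DKIM(6.00)[];
     RBL_SPAMHAUS_XBL(4.00)[10.2.0.192.zen.spamhaus.org :
127.0.0.4];
     RBL_DRONEBL_SocksProxy(1.00)[10.2.0.192.dnsbl.dronebl.org];
     MX_GOOD(-0.10)[mx1.example.org,mx2.example.org];
     ABUSE_SURBL(5.50)[bad.example.multi.surbl.org];
     IP_SCORE(2.00)[ipnet: 192.0.2.0/24(7.82), country: ID(1.98)];
     R_DKIM_NA(0.00)[]
X-Rspamd-Queue-Id: 0000000000
X-Spam-Flag: YES
"""

# "[score / threshold]" summary that opens the header value
SUMMARY = re.compile(r"X-Spamd-Result:[^\[]*\[(-?[\d.]+)\s*/\s*(-?[\d.]+)\]")
# NAME(weight)[options] with an optional trailing ';' (absent on the last symbol)
SYMBOL = re.compile(r"([A-Za-z][A-Za-z0-9_]*)\((-?\d+(?:\.\d+)?)\)\[([^\]]*)\](;?)")

def triage(raw_headers):
    """Parse X-Spamd-Result and compare the scoring with what was delivered."""
    head = SUMMARY.search(raw_headers)
    if head is None:
        raise ValueError("no X-Spamd-Result header found")
    score, threshold = float(head.group(1)), float(head.group(2))
    symbols = []
    for m in SYMBOL.finditer(raw_headers, head.end()):
        symbols.append((m.group(1), float(m.group(2))))
        if not m.group(4):          # no ';' means the symbol list has ended
            break
    total = round(sum(w for _, w in symbols), 2)
    flagged = re.search(r"^X-Spam-Flag:\s*YES", raw_headers, re.M | re.I)
    return {
        "score": score,
        "threshold": threshold,
        "symbols_sum": total,
        "sum_matches_score": abs(total - score) < 0.01,
        "over_threshold": score >= threshold,
        "spam_flag_header": bool(flagged),
        "top": sorted(symbols, key=lambda s: s[1], reverse=True)[:3],
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

When the weights sum to the reported score and the score is over the threshold, scoring ran normally, so the thing to examine is how the action was applied at delivery.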









