[Rspamd-Users] Incorrect filtering in multimap?
christian
usenet at schani.com
Sun Feb 25 13:36:36 UTC 2024
Hello,
I've actually had good experiences with Rspamd for weeks now. Of course,
I observe the results of the filtering and notice that spam emails slip
through every now and then. But for strange reasons.
An email just came through from info at beepost.de with a picture book
spam. I have this domain in a blacklist via multimap. But the email
comes through with the note
WHITELIST_SENDER_DOMAIN (-20) [beepost.de]
R_DKIM_ALLOW (-0.2) [beepost.de:s=dfxd2023,beepost.de:s=aventura-1k-a]
R_SPF_ALLOW (-0.2) [+ip4:185.212.196.112/31]
MAILLIST (-0.1125) [generic]
MIME_GOOD (-0.1) [multipart/related,multipart/alternative,text/plain]
REPLYTO_EQ_FROM (0)
FROM_HAS_DN (0)
FROM_NEQ_ENVFROM (0) [info at beepost.de,rtpath at beepost.de]
TAGGED_FROM (0) [0224b716db65822044660000198b4515]
ASN (0) [asn:8426, ipnet:185.212.196.0/22, country:GB]
MIME_TRACE (0) [0:+,1:+,2:+,3:~]
HAS_REPLYTO (0) [info at beepost.de]
DKIM_TRACE (0) [beepost.de:+]
Of course I checked and the domain is not included in my whitelist. I
checked all maps. The domain is only in the blacklist. There is also no
Bayes test for the email, and no SPAMD check, which should also
recognize it as spam.
Why does something like this happen? configtest returns OK
Do you have an idea what it could be?
Thanks
Christian
More information about the Users
mailing list