On Tue, Aug 14, 2018 at 3:54 AM Marc Dequènes (Duck) <duck(a)redhat.com>
wrote:
Quack,
On 08/12/18 19:28, Greg Sheremeta wrote:
> +Marc Dequenes <mailto:duck@redhat.com>
>
> On Sun, Aug 12, 2018 at 6:26 AM Johan Bernhardsson <johan(a)kafit.se
> <mailto:johan@kafit.se>> wrote:
>
> Several mails today that is pure spam ....
I'm looking into it. This does not fare well, so please be patient.
First, the antispam system is working well, but the results are
sometimes far from perfect. For example:
https://lists.ovirt.org/archives/list/users@ovirt.org/thread/HN35B675ZXZE...
results in:
Aug 11 08:36:04 mail spamd[6241]: spamd: clean message (2.9/5.0) for
spamassassin:995 in 1.2 seconds, 10363 bytes.
Aug 11 08:36:04 mail spamd[6241]: spamd: result: . 2 -
DEAR_SOMETHING,DKIM_SIGNED,DKIM_VALID,HTML_MESSAGE,HTML_OBFUSCATE_10_20,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_PASS,T_DKIMWL_WL_MED
scantime=1.2,size=10363,user=spamassassin,uid=995,required_score=5.0,rhost=localhost,raddr=::1,rport=33084,mid=<CALqC2RY5J9x137VqHirr_yyEXztgMU3mJoqSpwyf_EFeYmHC=
Q(a)mail.gmail.com>,autolearn=no
autolearn_force=no
This is a pretty low score but because it pretty well redacted compared
to common spam, it went through. I'm not sure how to address this
problem because lowering the score too much is just gonna create false
positives and be even more annoying.
I've also seen a few @qq.com mails subscribed and AFAIK only spam comes
from this domain
That's not correct.
is a widely used Chinese domain and I recall
receiving more than one valid question from people using it.
and it was already banned (at least \d+(a)qq.com
addresses) but I guess they learned how to subscribe before the ban.
This can easily be fixed though.
\_o<
--
GREG SHEREMETA
SENIOR SOFTWARE ENGINEER - TEAM LEAD - RHV UX
Red Hat NA
<