On Tue, Aug 14, 2018 at 3:54 AM Marc Dequènes (Duck) <duck@redhat.com> wrote:
Quack,
On 08/12/18 19:28, Greg Sheremeta wrote:
+Marc Dequenes <mailto:duck@redhat.com>
On Sun, Aug 12, 2018 at 6:26 AM Johan Bernhardsson <johan@kafit.se <mailto:johan@kafit.se>> wrote:
Several mails today that is pure spam ....
I'm looking into it. This does not fare well, so please be patient.
First, the antispam system is working well, but the results are sometimes far from perfect. For example:
https://lists.ovirt.org/archives/list/users@ovirt.org/thread/HN35B675ZXZEHDJ... results in: Aug 11 08:36:04 mail spamd[6241]: spamd: clean message (2.9/5.0) for spamassassin:995 in 1.2 seconds, 10363 bytes. Aug 11 08:36:04 mail spamd[6241]: spamd: result: . 2 -
DEAR_SOMETHING,DKIM_SIGNED,DKIM_VALID,HTML_MESSAGE,HTML_OBFUSCATE_10_20,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_PASS,T_DKIMWL_WL_MED
scantime=1.2,size=10363,user=spamassassin,uid=995,required_score=5.0,rhost=localhost,raddr=::1,rport=33084,mid=<CALqC2RY5J9x137VqHirr_yyEXztgMU3mJoqSpwyf_EFeYmHC= Q@mail.gmail.com>,autolearn=no autolearn_force=no
This is a pretty low score but because it pretty well redacted compared to common spam, it went through. I'm not sure how to address this problem because lowering the score too much is just gonna create false positives and be even more annoying.
I've also seen a few @qq.com mails subscribed and AFAIK only spam comes from this domain
That's not correct. qq.com is a widely used Chinese domain and I recall receiving more than one valid question from people using it.
and it was already banned (at least \d+@qq.com addresses) but I guess they learned how to subscribe before the ban. This can easily be fixed though.
\_o<
-- GREG SHEREMETA SENIOR SOFTWARE ENGINEER - TEAM LEAD - RHV UX Red Hat NA <https://www.redhat.com/> gshereme@redhat.com IRC: gshereme <https://red.ht/sig>