RCVD_IN_DNSWL_MED


RCVD_IN_DNSWL_MED

by Charles Gregory


Once again, I'm finding a piece of spam getting through
because of RCVD_IN_DNSWL_MED=-4 .....

Is this just the 'occasional' FP that we have to live with?
Or should I rethink scoring that DNSWL?

According to the headers, it looks like an end user of a web mail account
had their password hacked (probably they were stupid and answered one of
those 'send us your password' phishing mails). So I think the ISP has
a rep worthy of the WL. But are we just opening the door to allowing
spam as spammers target whitelisted systems to break into? Is there such a
thing as too much whitelisting?

- Charles

Re: RCVD_IN_DNSWL_MED

by Benny Pedersen

On fre 30 okt 2009 16:39:04 CET, Charles Gregory wrote
> Once again, I'm finding a piece of spam getting through
> because of RCVD_IN_DNSWL_MED=-4 .....

what is the ip ?

http://www.dnswl.org/ make a request for change

don't change problem in sa

--
xpoint


Re: [sa] Re: RCVD_IN_DNSWL_MED

by Charles Gregory

On Fri, 30 Oct 2009, Benny Pedersen wrote:
> On fre 30 okt 2009 16:39:04 CET, Charles Gregory wrote
>> Once again, I'm finding a piece of spam getting through
>> because of RCVD_IN_DNSWL_MED=-4 .....
> what is the ip ?

Don't think it really matters. As I stated in my OP, it looks like
a reputable ISP to which I need merely report the hacked account
and I'm sure they will fix things in a hurry.

The issue I am opening for discussion is whether this is the tip of a
spammer 'iceberg'. The phishing mails are obvious signs that they consider
it a line of attack to obtain webmail passwords, but does this
represent a significant impact on the trustworthiness of DNSWL?

- C