I seem to be getting these Amazon spams continuously now. The Spam score is -81! Is there a way to fix this?
I think the issue is in this area of the spam scoring:
Here is the general appearance of the email:
And here is the header source:
Return-Path: <MAILER-DAEMON>
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on e.spam.sonic.net
X-Spam-Level:
X-Spam-Status: No, score=-81.3 required=2.0 tests=DCC_CHECK,DKIM_ADSP_ALL,
FSL_BULK_SIG,GOOG_STO_NOIMG_HTML,HTML_MESSAGE,KHOP_HELO_FCRDNS,
MIME_HTML_ONLY,NORMAL_HTTP_TO_IP,NUMERIC_HTTP_ADDR,RCVD_IN_SBL,
RCVD_IN_SBL_CSS,SNF4SA,SONIC_BX_A2,SPF_HELO_NONE,USER_IN_WELCOMELIST,
USER_IN_WHITELIST shortcircuit=no autolearn=disabled version=3.4.6
X-Spam-SNF-Result: 53 (Scam Patterns)
X-Spam-MessageSniffer-Scan-Result:
X-Spam-MessageSniffer-Rules:
53-57022-104-1350-m
53-57022-0-10479-f
X-Spam-GBUdb-Analysis: 0, 157.131.224.146, Ugly c=1 p=-0.740514 Source Normal
Received: from a.mx.sonic.net (b.spam-proxy.sonic.net [157.131.224.146])
by b.local-delivery (8.14.7/8.14.7) with ESMTP id 192GMUTW024120
(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT)
for <bobrk@lds.sonic.net>; Sat, 2 Oct 2021 09:22:30 -0700
Received: from idm.telekom.com (faiytfix.com [109.237.96.204] (may be forged))
by a.mx.sonic.net (8.14.7/8.14.7) with ESMTP id 192GMLcQ143451
for <bob@bobrk.com>; Sat, 2 Oct 2021 09:22:28 -0700
From: Amazon <account-update@amazon.com>
Subject: Are my customers actually satisfied?|
Date: Sat, 02 Oct 2021 16:31:29 +0200
To: [to]@a.mx.sonic.net
Reply-To: "Adobe Creative Cloud" <mail@mail.adobe.com>
MIME-Version: 1.0
X-mailer: nlserver, Build 6.7.0
Message-ID: <UXCfmAadobein_mid_prod9@mail.adobe.com>
X-250ok-CID: P26341-121020
TenantHeader: 1d0e6311-6f98-4c5b-8b0e-8df80d5b7739
Affinity: prod.default
X-cust_MessageID: 1938757681
X-cust_DeliveryID: 350826
X-cust_InstanceName: aci_prod
MessageMaxRetry: 2
MessageRetryPeriod: 3600
MessageWebValidityDuration: 2592000
MessageValidityDuration: 432000
X-cust_IMSOrgID:
Content-Transfer-Encoding: 7bit
Content-Type: text/html; charset="UTF-8"
X-Orthrus: tar=1 grey=no co=RU os=Linux/3.11 and newer/16 spf=skip dkim=none
I think the issue is in this area of the spam scoring:
Here is the general appearance of the email:
And here is the header source:
Return-Path: <MAILER-DAEMON>
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on e.spam.sonic.net
X-Spam-Level:
X-Spam-Status: No, score=-81.3 required=2.0 tests=DCC_CHECK,DKIM_ADSP_ALL,
FSL_BULK_SIG,GOOG_STO_NOIMG_HTML,HTML_MESSAGE,KHOP_HELO_FCRDNS,
MIME_HTML_ONLY,NORMAL_HTTP_TO_IP,NUMERIC_HTTP_ADDR,RCVD_IN_SBL,
RCVD_IN_SBL_CSS,SNF4SA,SONIC_BX_A2,SPF_HELO_NONE,USER_IN_WELCOMELIST,
USER_IN_WHITELIST shortcircuit=no autolearn=disabled version=3.4.6
X-Spam-SNF-Result: 53 (Scam Patterns)
X-Spam-MessageSniffer-Scan-Result:
X-Spam-MessageSniffer-Rules:
53-57022-104-1350-m
53-57022-0-10479-f
X-Spam-GBUdb-Analysis: 0, 157.131.224.146, Ugly c=1 p=-0.740514 Source Normal
Received: from a.mx.sonic.net (b.spam-proxy.sonic.net [157.131.224.146])
by b.local-delivery (8.14.7/8.14.7) with ESMTP id 192GMUTW024120
(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT)
for <bobrk@lds.sonic.net>; Sat, 2 Oct 2021 09:22:30 -0700
Received: from idm.telekom.com (faiytfix.com [109.237.96.204] (may be forged))
by a.mx.sonic.net (8.14.7/8.14.7) with ESMTP id 192GMLcQ143451
for <bob@bobrk.com>; Sat, 2 Oct 2021 09:22:28 -0700
From: Amazon <account-update@amazon.com>
Subject: Are my customers actually satisfied?|
Date: Sat, 02 Oct 2021 16:31:29 +0200
To: [to]@a.mx.sonic.net
Reply-To: "Adobe Creative Cloud" <mail@mail.adobe.com>
MIME-Version: 1.0
X-mailer: nlserver, Build 6.7.0
Message-ID: <UXCfmAadobein_mid_prod9@mail.adobe.com>
X-250ok-CID: P26341-121020
TenantHeader: 1d0e6311-6f98-4c5b-8b0e-8df80d5b7739
Affinity: prod.default
X-cust_MessageID: 1938757681
X-cust_DeliveryID: 350826
X-cust_InstanceName: aci_prod
MessageMaxRetry: 2
MessageRetryPeriod: 3600
MessageWebValidityDuration: 2592000
MessageValidityDuration: 432000
X-cust_IMSOrgID:
Content-Transfer-Encoding: 7bit
Content-Type: text/html; charset="UTF-8"
X-Orthrus: tar=1 grey=no co=RU os=Linux/3.11 and newer/16 spf=skip dkim=none