SpamAssassin settings are filtering out some non-spam sites

General discussions and other topics.
2 posts Page 1 of 1
by oddhack » Thu Sep 19, 2019 6:04 am
I have notifications turned on from USAA (coming from a usaa.com subdomain), but they're getting dumped into graymail, primarily due to getting 5 points for SONIC_BANK_PHISH. Since this is a real bank sending a real and desired message, it would be a good idea to put them in the global whitelist (obviously I can and have put them in my personal whitelist - once I finally noticed the problem existed).

Actually, the SONIC_BANK_PHISH isn't the whole story, either - there may be other false flags that would end up marking it as spam:

Content analysis details: (9.8 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/,
low trust
[217.70.183.198 listed in list.dnswl.org]
1.0 SONIC_USAA_NOTIFY1 No description available.
-1.0 SONIC_FRIEND Someone you've likely exchanged email with before
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
0.0 HTML_MESSAGE BODY: HTML included in message
2.0 BASE64_LENGTH_79_INF BODY: base64 encoded email part uses line
length greater than 79 characters
-0.5 SNF4SA Message Sniffer
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
1.1 DCC_CHECK Detected as bulk mail by DCC (dcc-servers.net)
5.0 SONIC_BANK_PHISH Fake banking emails
0.0 LOTS_OF_MONEY Huge... sums of money
1.8 THIS_AD "This ad" and variants
-0.0 DKIMWL_WL_HIGH DKIMwl.org - Whitelisted High sender
1.2 FROM_WORDY From address looks like a sentence
by devonte.taylor » Wed Oct 02, 2019 3:54 pm
Hello,

Thank you for the report. If you can forward an example to us, we can take look into why it could be triggering a false positive for spam. We look forward to hearing back and getting this resolved soon.
Devonte T.
Community & Escalations Specialist
Sonic
2 posts Page 1 of 1

Who is online

In total there are 7 users online :: 0 registered, 0 hidden and 7 guests (based on users active over the past 5 minutes)
Most users ever online was 422 on Sat May 26, 2012 5:28 am

Users browsing this forum: No registered users and 7 guests