This is a discussion on Re: Low Scores on Bounce Backs - SpamAssassin ; From what I've seen the VBounce ruleset catches ALL backscatter and does not distinguish between legitimate bounce-backs and bounce-backs of emails with forged return addresses - which basically makes it useless for filtering out joe-jobs. VBounce should be matching the ...
From what I've seen the VBounce ruleset catches ALL backscatter and does
not distinguish between legitimate bounce-backs and bounce-backs of emails
with forged return addresses - which basically makes it useless for
filtering out joe-jobs.
VBounce should be matching the forged name of the orginating mailserver
against the IP address of the originating mailserver.
At 04:59 AM 4/11/2008, Justin Mason wrote:
>Jason Haar writes:
> > I think we've detoured from the actual problem?
> >
> > The fact is that lots of spam is now being sent to other sites,
> > pretending to be from (collectively) our email addresses, so that we get
> > the bounces containing the spam. And SA isn't marking these messages as
> > spam, whereas if it was directly sent the same spam, it would.
> >
> > So how do we fix this situation? What about getting SA to "detach" the
> > associated bounced message as a separate message and score that instead?
> > I know I can casually just say that - doing is a different matter - but
> > isn't that really the only answer to this problem?
>
>There's no problem. SpamAssassin 3.2.x includes the VBounce ruleset which
>is expressly designed to catch backscatter -- and does a good job at it.
>
>If you have a backscatter problem, you need to start using that ruleset.
>
>--j.
Best Regards,
Jeff Koch, Intersessions
