Back to Blog
Spamassassin check6/28/2023 T_RP_MATCHES_RCVD autolearn=ham version=3.3. X-Spam-Status: No, score=-1.9 required=3.5 tests=AWL,BAYES_00,SPF_PASS, To check if SPF validation is taking place, check the mailserver logs or the X-Spam-Status email header for SPF_PASS (or maybe SPF_FAIL!), this proves the module is loaded and running correctly. This is the most widely used open-source tool for scanning messages. The backend tool at work for Spam Check is called SpamAssassin. The Spam Check tool scans the content of your message and displays your results on both the Campaign Summary page and Campaign Settings page. ![]() On CentOS/RHEL, these Perl modules are available in EPEL and you can install both with: yum install perl-Mail-SPF perl-Mail-SPF-Query We run a Spam Check for every campaign and automation email you create. You *also* need the Perl modules Mail::SPF or Mail::SPF::Query installed – without these, SpamAssassin will silently avoid doing SPF validations and you’ll be left wondering why you’re still getting silly spam. To turn this on, you just need to ensure your SpamAssassin configuration is set to load the SPF plugin: loadplugin Mail::SpamAssassin::Plugin::SPF Using SpamAssassin’s scoring offers some protection against false positives – if an organisation missconfigures their mail server so that their SPF record fails, but all the other details in the email are OK, the email may still be delivered, if the content looks like ham, comes from a properly configured server, etc, even if the SPF is incorrect – generally a couple different checks need to fail in order for emails to be blacklisted. ![]() SpamAssassin has a plugin that makes use of these SPF records to score incoming mail – by having strict SPF records for my domain and turning on SpamAssassin’s validation, it ensures that any spam I receive pretending to be from my domain will be blocked, as well as anyone trying to spam under the name of other domains with SPF enabled will also be blocked. ![]() The SPF records tell other mail servers which systems are really mine, vs which ones are frauds trying to send spam pretending to be me. To stop sender address forgery, where spammers email using my domain to email either myself, or others entities, I configured SPF records for my domain some time ago. I’ve been using SpamAssassin for years, it’s a fantastic open source anti-spam tool and plugs easily into *nix operating system mail transport agents such as Sendmail and Postfix.
0 Comments
Read More
Leave a Reply. |