Spam Assassin has identified my email as spam!

[equens]

Spam Assassin has identified this incoming email as possible spam. The original message is not spam and I need to solve this problem because I need to send email to my customers. I think the big problems becomes with 3.3 MSGID_FROM_MTA_SHORT Message-Id was added by a relay


Content analysis details: (5.3 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
0.8 HTML_30_40 BODY: Message is 30% to 40% HTML
0.1 HTML_FONTCOLOR_RED BODY: HTML font color is red
0.1 LINES_OF_YELLING_2 BODY: 2 WHOLE LINES OF YELLING DETECTED
0.1 HTML_FONTCOLOR_BLUE BODY: HTML font color is blue
0.1 HTML_FONTCOLOR_GREEN BODY: HTML font color is green
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 HTML_FONTCOLOR_UNSAFE BODY: HTML font color not in safe 6x6x6 palette
0.0 LINES_OF_YELLING BODY: A WHOLE LINE OF YELLING DETECTED
0.6 SUBJ_ALL_CAPS Subject is all capitals
3.3 MSGID_FROM_MTA_SHORT Message-Id was added by a relay


Any html email is going to be looked at with some suspicion by the filter - but if the 3.3 point added for "Message-Id was added by a relay" was removed...in this case the email would not look like SPAM.

Any ideas? Thanks!!!

[martekbiz]

BUMP!

Having this problem as well.. any ideas?

[Valuehosted]

bump the required to 6 or 8 even?

--Tone

[martekbiz]

The idea is to lower the 3.3 value.

*I* do not have control over this setting for everyone on my newsletter using spamassassin.

A

[SarcNBit]

This is a known issue.

Seeing that mailscanner is unsupported by cpanel, maybe you should contact the mailscanner group.

Just to state the obvious in lieu of a proper fix, knowing that 5.0 is the SA default why don't you save 0.6 points and use mixed case subject lines.

[equens]

Ok! I have seen that servers with Mailscanner + ClamAv have open realys. I think it is a terrible problem, because open realys are consider suspicious for sending spam.

:-(

[chirpy]

Ok! I have seen that servers with Mailscanner + ClamAv have open realys. I think it is a terrible problem, because open realys are consider suspicious for sending spam.

OK:

1. Can you please stop cross-posting this claim in any MailScanner thread you see.

2. I haven't seen you substantantiate the claim yet, we don't have any open relays using the combination.

3. Your post has nothing to do with this thread. (like mine, now )

Back to the thread, as has been said already the best solution is to simply reduce the score for MSGID_FROM_MTA_SHORT in the spamassassin configuration files.

[martekbiz]

Originally posted by chirpy
Back to the thread, as has been said already the best solution is to simply reduce the score for MSGID_FROM_MTA_SHORT in the spamassassin configuration files.

Hey there!

That works for myself and perhaps some of *my* clients on my mailing list but not for those whom I don't have control over their spamassassin software.

There has to be a way to reduce this within the mailing script itself, I just don't know WHAT controls this score to make the changes.

Any idea?

Thanks!

A

[richy]

Which email program are you using to send out the email message? It's probably that that's producing the short message-id .

You could also ensure that there's a plain text copy (not just/only a HTML version) of the message (which will then cancel out the 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts), don't excessively USE CAPITALISATION in the email and subject (canelling 0.1 LINES_OF_YELLING_2 BODY: 2 WHOLE LINES OF YELLING DETECTED, and 0.6 SUBJ_ALL_CAPS Subject is all capitals), using "web safe colors" in the email (cancelling 0.1 HTML_FONTCOLOR_UNSAFE BODY: HTML font color not in safe 6x6x6 palette) and then just cutting down on the color usage.

[martekbiz]

Originally posted by richy
Which email program are you using to send out the email message? It's probably that that's producing the short message-id .

Hi there and thanks for your reply.

The email program is a newsletter management software (web-based) that my firm wrote (PHP) to manage our clients newsletter/email campaigns.

it's built from the group up and is quite clean.

The filter we're having a problem with is: 3.3 MSGID_FROM_MTA_SHORT Message-Id was added by a relay

With the default setting of 5, if we cna remove that 3.3 score we'd come in at about 3.5 for a total score. Right now, some of our customers and our client's customers are not receiving the emails because of this 3.3 score for a relay.

I don't know what controls this setting so I can rework our program to drop that score.

ANY ideas?

Thanks!

A

[richy]

Where your PHP script generates the message headers (probably using "mail"), it needs to set a Message-Id there. I recommend something like (6xrandomcharacters)(timestamp)(4xrandomcharacters)@(yourdomain) .

[chirpy]

richy, I think you'll find your mistaken. The MTA generates the message-id of an email header, in this case it's the outgoing SMTP server Exim.

That works for myself and perhaps some of *my* clients on my mailing list but not for those whom I don't have control over their spamassassin software.

I've not found a solution to this in Exim, and I would suspect the only way you would be able to resolve the issue with receiving SMTP servers would be to discuss the issue over at http://www.exim.org with the developers.

[richy]

The MTA only creates one if there is NOT an existing message-id: and this is the problem you are hitting.

Make your PHP script generate a Message-ID itself (the same way Outlook generates one, Netscape Composer creates one etc etc) and all will be well. Believe me, I know whereof I speak (I've written a number of auto-responder programs from scratch, mailing list managers etc etc)

[chirpy]

The MTA only creates one if there is NOT an existing message-id: and this is the problem you are hitting

Which is fair enough, up to a point. You'll sort out the issue for that one script, but it doesn't sort out the general problem with Exim generated message-id's in general, which has a tendency to generate short ones.

[richy]

Simple answer: don't leave the generation of the message-id to the MTA.

SpamAssassin is "strict" about this because a large amount of spam which is received directly by the receiving MTA (i.e. "direct injection") does not have a message-id and hence the MTA (or relay server) generates one which is flagged by SA. However, "valid email" has the Message-Id generated by the sending email client (such as outlook) and so won't have a message-id generated by the MTA and hence has a much less likely chance of being spam.

Personally, in scripts, I try and generate at least the following headers myself:
To:
From:
Reply-to:
Message-id:
X-Abuse:
X-IP-Address: (of sender for PHP script)
X-ScriptName: