The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Apache SpamAssassin has identified my email as spam!

Discussion in 'EasyApache' started by equens, Apr 2, 2004.

  1. equens

    equens Well-Known Member

    Joined:
    Feb 8, 2002
    Messages:
    270
    Likes Received:
    0
    Trophy Points:
    16
    Spam Assassin has identified this incoming email as possible spam. The original message is not spam and I need to solve this problem because I need to send email to my customers. I think the big problems becomes with 3.3 MSGID_FROM_MTA_SHORT Message-Id was added by a relay


    Content analysis details: (5.3 points, 5.0 required)

    pts rule name description
    ---- ---------------------- --------------------------------------------------
    0.8 HTML_30_40 BODY: Message is 30% to 40% HTML
    0.1 HTML_FONTCOLOR_RED BODY: HTML font color is red
    0.1 LINES_OF_YELLING_2 BODY: 2 WHOLE LINES OF YELLING DETECTED
    0.1 HTML_FONTCOLOR_BLUE BODY: HTML font color is blue
    0.1 HTML_FONTCOLOR_GREEN BODY: HTML font color is green
    0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
    0.0 HTML_MESSAGE BODY: HTML included in message
    0.1 HTML_FONTCOLOR_UNSAFE BODY: HTML font color not in safe 6x6x6 palette
    0.0 LINES_OF_YELLING BODY: A WHOLE LINE OF YELLING DETECTED
    0.6 SUBJ_ALL_CAPS Subject is all capitals
    3.3 MSGID_FROM_MTA_SHORT Message-Id was added by a relay


    Any html email is going to be looked at with some suspicion by the filter - but if the 3.3 point added for "Message-Id was added by a relay" was removed...in this case the email would not look like SPAM.

    Any ideas? Thanks!!!
     
  2. martekbiz

    martekbiz Member

    Joined:
    Mar 17, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    BUMP!

    Having this problem as well.. any ideas?
     
  3. Valuehosted

    Valuehosted Well-Known Member

    Joined:
    Dec 12, 2002
    Messages:
    124
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sweden
    bump the required to 6 or 8 even?

    --Tone
     
  4. martekbiz

    martekbiz Member

    Joined:
    Mar 17, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    The idea is to lower the 3.3 value.

    *I* do not have control over this setting for everyone on my newsletter using spamassassin.

    A
     
  5. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    38
    This is a known issue.

    Seeing that mailscanner is unsupported by cpanel, maybe you should contact the mailscanner group.

    Just to state the obvious in lieu of a proper fix, knowing that 5.0 is the SA default why don't you save 0.6 points and use mixed case subject lines.
     
  6. equens

    equens Well-Known Member

    Joined:
    Feb 8, 2002
    Messages:
    270
    Likes Received:
    0
    Trophy Points:
    16
    Servers with Mailscanner + ClamAv have open realys

    Ok! I have seen that servers with Mailscanner + ClamAv have open realys. I think it is a terrible problem, because open realys are consider suspicious for sending spam.

    :-(
     
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    OK:

    1. Can you please stop cross-posting this claim in any MailScanner thread you see.

    2. I haven't seen you substantantiate the claim yet, we don't have any open relays using the combination.

    3. Your post has nothing to do with this thread. (like mine, now :rolleyes: )

    Back to the thread, as has been said already the best solution is to simply reduce the score for MSGID_FROM_MTA_SHORT in the spamassassin configuration files.
     
  8. martekbiz

    martekbiz Member

    Joined:
    Mar 17, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Hey there!

    That works for myself and perhaps some of *my* clients on my mailing list but not for those whom I don't have control over their spamassassin software.

    There has to be a way to reduce this within the mailing script itself, I just don't know WHAT controls this score to make the changes.

    Any idea?

    Thanks!

    A
     
  9. richy

    richy Well-Known Member

    Joined:
    Jun 30, 2003
    Messages:
    276
    Likes Received:
    1
    Trophy Points:
    16
    Which email program are you using to send out the email message? It's probably that that's producing the short message-id .

    You could also ensure that there's a plain text copy (not just/only a HTML version) of the message (which will then cancel out the 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts), don't excessively USE CAPITALISATION in the email and subject (canelling 0.1 LINES_OF_YELLING_2 BODY: 2 WHOLE LINES OF YELLING DETECTED, and 0.6 SUBJ_ALL_CAPS Subject is all capitals), using "web safe colors" in the email (cancelling 0.1 HTML_FONTCOLOR_UNSAFE BODY: HTML font color not in safe 6x6x6 palette) and then just cutting down on the color usage.
     
  10. martekbiz

    martekbiz Member

    Joined:
    Mar 17, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Hi there and thanks for your reply.

    The email program is a newsletter management software (web-based) that my firm wrote (PHP) to manage our clients newsletter/email campaigns.

    it's built from the group up and is quite clean.

    The filter we're having a problem with is: 3.3 MSGID_FROM_MTA_SHORT Message-Id was added by a relay

    With the default setting of 5, if we cna remove that 3.3 score we'd come in at about 3.5 for a total score. Right now, some of our customers and our client's customers are not receiving the emails because of this 3.3 score for a relay.

    I don't know what controls this setting so I can rework our program to drop that score.

    ANY ideas?

    Thanks!

    A
     
  11. richy

    richy Well-Known Member

    Joined:
    Jun 30, 2003
    Messages:
    276
    Likes Received:
    1
    Trophy Points:
    16
    Where your PHP script generates the message headers (probably using "mail"), it needs to set a Message-Id there. I recommend something like (6xrandomcharacters)(timestamp)(4xrandomcharacters)@(yourdomain) .
     
  12. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    richy, I think you'll find your mistaken. The MTA generates the message-id of an email header, in this case it's the outgoing SMTP server Exim.

    I've not found a solution to this in Exim, and I would suspect the only way you would be able to resolve the issue with receiving SMTP servers would be to discuss the issue over at http://www.exim.org with the developers.
     
  13. richy

    richy Well-Known Member

    Joined:
    Jun 30, 2003
    Messages:
    276
    Likes Received:
    1
    Trophy Points:
    16
    The MTA only creates one if there is NOT an existing message-id: and this is the problem you are hitting.

    Make your PHP script generate a Message-ID itself (the same way Outlook generates one, Netscape Composer creates one etc etc) and all will be well. Believe me, I know whereof I speak :) (I've written a number of auto-responder programs from scratch, mailing list managers etc etc)
     
  14. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Which is fair enough, up to a point. You'll sort out the issue for that one script, but it doesn't sort out the general problem with Exim generated message-id's in general, which has a tendency to generate short ones.
     
  15. richy

    richy Well-Known Member

    Joined:
    Jun 30, 2003
    Messages:
    276
    Likes Received:
    1
    Trophy Points:
    16
    Simple answer: don't leave the generation of the message-id to the MTA.

    SpamAssassin is "strict" about this because a large amount of spam which is received directly by the receiving MTA (i.e. "direct injection") does not have a message-id and hence the MTA (or relay server) generates one which is flagged by SA. However, "valid email" has the Message-Id generated by the sending email client (such as outlook) and so won't have a message-id generated by the MTA and hence has a much less likely chance of being spam.

    Personally, in scripts, I try and generate at least the following headers myself:
    To:
    From:
    Reply-to:
    Message-id:
    X-Abuse:
    X-IP-Address: (of sender for PHP script)
    X-ScriptName:
     
  16. martekbiz

    martekbiz Member

    Joined:
    Mar 17, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Richy,

    Would you happen to have the code you use to Generate the Message-ID header?

    I am trying a bunch of different hacks which HAVE lowered the 3.3 score down to 3.0 but still puts me well over the overall default 5.0 score for a piece of email.

    Tired about 4 different hacks but nothing seems to work.

    Care to share?

    Thanks!

    Aaron
     
  17. richy

    richy Well-Known Member

    Joined:
    Jun 30, 2003
    Messages:
    276
    Likes Received:
    1
    Trophy Points:
    16
    Which language? I've done the same thing in Perl, PHP, ARM Assembler, ARM Basic 6 and a very other languages...
     
  18. martekbiz

    martekbiz Member

    Joined:
    Mar 17, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    PHP :D
     
  19. martekbiz

    martekbiz Member

    Joined:
    Mar 17, 2004
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    no need for a code example!

    I got it figured out.

    Thanks!!

    A
     
  20. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    HOW??? :)
     
Loading...

Share This Page