The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AXB_JT_FOLNO0 - JT's fingerprint

Discussion in 'E-mail Discussions' started by Daniel Kempton, Feb 19, 2016.

  1. Daniel Kempton

    Daniel Kempton Registered

    Joined:
    Jan 28, 2016
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Oregon
    cPanel Access Level:
    Website Owner
    I manage the website for a small publishing company, and I have been working to configure the settings for my SpamAssassin so not as many valid emails are getting bounced as spam. I reconfigured the delete rule in account based filtering so that email is sent to a custom email address. (This was beore the last update has the spambox.).

    I have been going through the headers of the valid emails marked as spam to try and resolve the issue. There are some rules that I have seen, that I can't find any definition for. Meaning, what is that rule checking for.

    Here are the results for one email in particular, that has me baffled. The email itself was valid, the sender is an author with us. I don't know what I am seeing here. I cannot find anything information the AXB_JT_FOLNO0 at all, other than examples on google of emails with this test. What is it testing for. Do they have a comprised system, given the multiple TO: lines in the header? The AXB_JT_FOLNO0 is the only rule that isn't explanatory, or at least I can't find anything on JT's fingerprint.

    I have sterilized the headers, to protect privacy of all involved.

    [Removed - Please do not post actual domain name and IP address in logs]
     
    #1 Daniel Kempton, Feb 19, 2016
    Last edited by a moderator: Feb 22, 2016
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  3. Daniel Kempton

    Daniel Kempton Registered

    Joined:
    Jan 28, 2016
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Oregon
    cPanel Access Level:
    Website Owner
    To Moderator: I thought I had removed all of the REAL IP and domain information replacing it with bogus information, using ???? for the domain names and email addresses. If I missed something, then I apologize. I don't think I have an original copy of the post to look at, so I don't know what I missed.

    As for custom rules, the AXB_JT_FOLNO is coming from baynes, and as for grey listing, I will have to look at that. The implementation from my hosting provider seems to be somewhat limited. There wasn't a whitelist_to in the cpanel screen, however greylisting may be available from the VPS / WHM config.

    ---
    I found that I still had notepad++ open from when I sterilized the header. It looks like I forgot to sterilize a domain name and IP addresses on the "received from:" line. I got part of it, but missed part.
     
    #3 Daniel Kempton, Feb 22, 2016
    Last edited: Feb 22, 2016
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    It looks like you only have access to cPanel, and not root access to the system. Thus, you won't be able to utilize the Greylisting feature unless it's enabled by your hosting provider. I suggest contacting your provider to see if there are any solutions they suggest to help prevent SPAM without producing an excess amount of false positives. As far as the "AXB_JT_FOLNO0" rule, check with your provider to see which rulesets they have enabled.

    Thank you.
     
  5. Daniel Kempton

    Daniel Kempton Registered

    Joined:
    Jan 28, 2016
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Oregon
    cPanel Access Level:
    Website Owner

    Well this website is running on a VPS, so I have access to WHM, and haven't checked there about grey listing. THE ABX_JT, or the JT Fingerprint rule, comes from the bayes.cnf. I was more inquiring as to WHAT the ABX_JT rule is checking. In the text that was removed by the admin, it listed all the rules applied to the message. Rules such as "more than one TO:" I understand. I just could not find anything out on just what a JT Fingerprint was, and why that indicated it might be spam, and didn't know where else to ask the question.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    I don't see a description of this rule documented, so you may want to post the question to the SpamAssassin user mailing list for additional feedback:

    MailingLists - Spamassassin Wiki

    Thank you.
     

Share This Page