Bogus X-Spam-Status header on outbound mail

[jerrek71]

Hi there,
I'm hoping someone can help me. I've been blocked by Hotmail too many times, and finally I got an answer that makes sense from them.

I have MailScanner installed, and despite that I have set the default scanning to be To (not FromOrTo) and have switched all domains to To - I am still seeing the MailScanner headers being added to outbound mail.

I have 'hacked' around this by configuring MailScanner to believe each 'informational' header should say 'X-Ignore' and set the values to 'ignore'. This gives me one X-Ignore: ignore header in my outbound mails (a bit pants, but hopefully won't annoy Microsoft's anti spam filters). It's also a bit annoying because I really would like those headers for inbound messages.

The only thing left is a bogus X-Spam-Status header which invariably says X-Spam-Status: no. It's being added to my outbound messages and that causes most antispam software to increase the spam score (because many spammers in the early days thought it'd be fun to try to subvert spam filters by adding headers such as these).

So, my question is, how do I stop outbound mail from having the X-Spam-Status header?

Cheers,
Steve.

 

[perfect-games]

you might want to check if your server ips been blacklisted as there a database that most major companies connect too.
dont remeber the link off my head but i sure someone here will asnwer.
as probley the reason why mail been rejected

Steve

 

[jerrek71]

you might want to check if your server ips been blacklisted as there a database that most major companies connect too.
dont remeber the link off my head but i sure someone here will asnwer.
as probley the reason why mail been rejected

Steve

Hi there,
I've had very lengthy discussions with Microsoft about this and checked everything, including being on blacklists. The only blacklist I'm on is Microsoft's and their techs say it's because of the (rather pointless) extra headers sent out by MailScanner, in particular now, the 'X-Spam-Status: no' header.

Thanks,
Steve.

 

[RickG]

Steve:

You need to take a look in the MailScanner rule files.

X-Spam-Status: is an (optional) header one can place in the rule files designed to help Thunderbird users.

If X-Spam-Status: Yes is in the header, Thunderbird automatically moves the received mail into its spam folder. This avoids users having to define triggers based on the word Spam in the subject heading.

Two files where you might find this header is spam.action.rules and spamhigh.action.rules. It might look something like this:

FromOrTo: default deliver header "X-Spam-Status: Yes"

The default value for Non Spam Actions = deliver in MailScanner.conf does not require a ruleset. However, based on the issues you've described, I have a feeling someone created a ruleset and one of the things in it is:

FromOrTo: default deliver header "X-Spam-Status: No"

So I would troubleshoot this by:

1) grep all of your rule files for the X-Spam string
2) look in MailScanner.conf for the "Non Spam Actions" setting and see if it points to a ruleset you might not have picked up in #1


The MailScanner rule files can be found under /usr/mailscanner/etc/rules if installed using ConfigServer's scripts. Otherwise do a locate for these file name. Don't forget to reload MailScanner after making any changes to the rule files.

Post back and let us know if this helped solve the issue.

 

[jerrek71]

Hi Rick,
The rule you mentioned had deliver header "X-Spam-Status: no" so I removed the header part and it appears to have done the trick.

I still find it frustrating that it's put on outbound mail - it would be helpful to have that only for inbound, but then again, the absence of a spam header is just as useful so I shan't worry any more about it

Thanks for your help!
Steve

 

[AndyReed]

The rule you mentioned had deliver header "X-Spam-Status: no" so I removed the header part and it appears to have done the trick.

I still find it frustrating that it's put on outbound mail - it would be helpful to have that only for inbound, but then again, the absence of a spam header is just as useful so I shan't worry any more about it

There is a way to track down the offending script and stopp it from sending out spam. We have our own tools, and I rememer coming cross a script that can track down spam, either on this forum or webhostingtalk.

 

[chirpy]

lfd from our csf firewall will do that.