Ich habe folgende Spam bekommen, die kam nur durch, weil diese Regel griff.
Wo kommt die her? Wie kommt es, dass ein Spam-Versender sich ein positives Karma erarbeitet?
Macht es sinn, die Regel mit "0" zu überschreiben?
RCVD_IN_HOSTKARMA_W(-2.5)
Wo kommt die her? Wie kommt es, dass ein Spam-Versender sich ein positives Karma erarbeitet?
Macht es sinn, die Regel mit "0" zu überschreiben?
RCVD_IN_HOSTKARMA_W(-2.5)
Code:
2026-01-17T10:18:21.742742+00:00 mx postfix/smtpd[66457]: connect from mail180-49.suw31.mandrillapp.com[198.2.180.49]
2026-01-17T10:18:22.569961+00:00 mx postfix/smtpd[66457]: NOQUEUE: client=mail180-49.suw31.mandrillapp.com[198.2.180.49]
2026-01-17T10:18:22.855014+00:00 mx pmg-smtp-filter[64530]: 115CD696B61EECA349: new mail message-id=<31427829.20260117101813.696b61e5c9b4e3.22433062@mail180-49.suw31.mandrillapp.com>
2026-01-17T10:18:24.973449+00:00 mx pmg-smtp-filter[64530]: 115CD696B61EECA349: SA score=3/5 time=1.988 bayes=undefined autolearn=disabled hits=DKIMWL_WL_MED(-0.001),DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),DKIM_VALID_EF(-0.1),FROM_TLD_ANY(1),FROM_TLD_OTHER(2),GB_GEN_REDIR_URL(0.5),HEADER_FROM_DIFFERENT_DOMAINS(0.001),HTML_FONT_SIZE_HUGE(0.001),HTML_MESSAGE(0.001),KAM_BODY_MARKETINGBL_PCCC(0.001),KAM_FROM_MARKETINGBL_PCCC(0.001),KAM_MARKETINGBL_PCCC(1),PCCC_HDR_MARKETINGBL(0.001),RCVD_IN_DNSWL_NONE(-0.0001),RCVD_IN_HOSTKARMA_W(-2.5),RCVD_IN_VALIDITY_CERTIFIED_BLOCKED(0.001),RCVD_IN_VALIDITY_RPBL_BLOCKED(0.001),RCVD_IN_VALIDITY_SAFE_BLOCKED(0.001),SCC_10_SHORT_WORD_LINES(0.25),SCC_20_SHORT_WORD_LINES(0.25),SCC_5_SHORT_WORD_LINES(0.25),SPF_HELO_PASS(-0.001),SPF_PASS(-0.001),URIBL_GREY(0.75)
2026-01-17T10:18:24.992180+00:00 mx postfix/smtpd[66466]: connect from localhost[127.0.0.1]
2026-01-17T10:18:25.004247+00:00 mx postfix/smtpd[66466]: 00E4211703: client=localhost[127.0.0.1], orig_client=mail180-49.suw31.mandrillapp.com[198.2.180.49]
2026-01-17T10:18:25.007460+00:00 mx postfix/cleanup[66467]: 00E4211703: message-id=<31427829.20260117101813.696b61e5c9b4e3.22433062@mail180-49.suw31.mandrillapp.com>
2026-01-17T10:18:25.048510+00:00 mx postfix/qmgr[823]: 00E4211703: from=<bounce-md_31427829.696b61e5.v1-96758d0cda22444a873763a1e429cff0@mandrillapp.com>, size=28970, nrcpt=1 (queue active)
2026-01-17T10:18:25.048871+00:00 mx postfix/smtpd[66466]: disconnect from localhost[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
2026-01-17T10:18:25.049009+00:00 mx pmg-smtp-filter[64530]: 115CD696B61EECA349: accept mail to <mail@domain> (00E4211703) (rule: default-accept)
2026-01-17T10:18:25.058341+00:00 mx pmg-smtp-filter[64530]: 115CD696B61EECA349: processing time: 2.216 seconds (1.988, 0.122, 0)
2026-01-17T10:18:25.059097+00:00 mx postfix/smtpd[66457]: proxy-accept: END-OF-MESSAGE: 250 2.5.0 OK (115CD696B61EECA349); from=<bounce-md_31427829.696b61e5.v1-96758d0cda22444a873763a1e429cff0@mandrillapp.com> to=<mail@domain> proto=ESMTP helo=<mail180-49.suw31.mandrillapp.com>
2026-01-17T10:18:25.060192+00:00 mx postfix/smtpd[66457]: disconnect from mail180-49.suw31.mandrillapp.com[198.2.180.49] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
2026-01-17T10:18:32.359106+00:00 mx postfix/smtp[66468]: 00E4211703: to=<mail@domain>, relay=172.30.0.3[172.30.0.3]:25, delay=7.4, delays=0.05/0.03/6.6/0.73, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as D9D423219A)
2026-01-17T10:18:32.359620+00:00 mx postfix/qmgr[823]: 00E4211703: removed