|
|
|
使用MD英文版9.0以上版本,其中有一份垃圾邮件很难处理,邮件的一些信息如下:
说明:ganyy@abc.com和hfl@abc.com都是公司真实的正常用户,目前在防止垃圾邮件方面,启用了白名单对自己的域用户即@abc.com;另外启用了DNSBL,如果发现某一个IP在DNSBL禁止库中且其邮件已经被识别为垃圾邮件(通过评分机制)邮件头含有垃圾邮件标示字符spam则删除该邮件。目前这个邮件处理难点是,因为其做了假,冒充是白名单域,故不会识别为垃圾邮件也就不会修改邮件头增加spam字段,虽然DNSBL识别了,但是因为不满足其删除条件,故不会删除,请高手指点
以下是邮件的邮件头:
Return-path: <c.meer@exert.nl>
X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29)
X-Spam-Level:
X-Spam-Status: No, score=-79.1 required=5.0 tests=BAYES_99,HELO_DYNAMIC_HCC,
HELO_DYNAMIC_IPADDR2,MDAEMON_DNSBL,USER_IN_WHITELIST autolearn=no
version=3.1.5
X-Spam-Report:
* 4.1 HELO_DYNAMIC_HCC Relay HELO'd using suspicious hostname (HCC)
* 3.8 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP
* addr 2)
* 3.0 MDAEMON_DNSBL MDaemon: marked by MDaemon's DNSBL
* -100 USER_IN_WHITELIST From: address is in the whitelist
* 10 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
* [score: 1.0000]
Authentication-Results: abc.com
[email=smtp.mail=c.meer@exert.nl]smtp.mail=c.meer@exert.nl[/email]; spf=neutral; ip-match=fail
Authentication-Results: abc.com
[email=header.from=c.meer@exert.nl]header.from=c.meer@exert.nl[/email]; domainkeys=neutral (not signed); dkim=neutral (not signed)
X-MDDK-Result: neutral (abc.com)
X-MDDKIM-Result: neutral (abc.com)
X-MDSPF-Result: none (abc.com)
Received-SPF: none (abc.com: c.meer@exert.nl does not
designate permitted sender hosts)
x-spf-client=MDaemon.PRO.v9.5.2
receiver=abc.com
client-ip=201.223.61.173
envelope-from=<c.meer@exert.nl>
helo=173-61-223-201.adsl.terra.cl
Received: from 173-61-223-201.adsl.terra.cl (173-61-223-201.adsl.terra.cl [201.223.61.173])
by abc.com (abc.com)
(MDaemon PRO v9.5.2)
with ESMTP id md50000977055.msg
for <hfl@abc.com>; Mon, 14 Apr 2008 13:43:34 +0800
X-Originating-IP: 182.168.230.99 by smtp.190.0.84.194; Mon, 14 Apr 2008 01:41:49 -0500
Message-ID: <umflnBPLAVKganyy@abc.com>
From: "Maura Kendrick" <ganyy@abc.com>
Reply-To: "Maura Kendrick" <ganyy@abc.com>
To: ganyy@abc.com
Subject: Inexpensive Louis Vuitton bags
Date: Mon, 14 Apr 2008 01:41:49 -0500
Content-Type: text/plain;
Content-Transfer-Encoding: 7Bit
X-RBL-Warning: mail from 201.223.61.173 refused, see http://www.ordb.org/faq/
X-Lookup-Warning: MAIL lookup on c.meer@exert.nl does not match 201.223.61.173
X-MDRcpt-To: hfl@abc.com
X-Rcpt-To: hfl@abc.com
X-MDRemoteIP: 201.223.61.173
X-Return-Path: c.meer@exert.nl
X-Envelope-From: c.meer@exert.nl
X-MDaemon-Deliver-To: hfl@abc.com
X-Spam-Processed: abc.com, Mon, 14 Apr 2008 13:43:35 +0800
X-MDAV-Processed: abc.com, Mon, 14 Apr 2008 13:43:35 +0800
以下是邮件的正文:
The new Porsche Design watches originated from the novel Titanium Chronograph from the 1970's, an absolutely unique creation due to the perfection of its workmanship. Based on its design, the Porsche Design Company developed an appealing, stylish, sporty and highly accurate watch. Unfortunately, these timepieces come with a high price tag.
http://pugybyno56350.blogspot.com/
That's why a clever group of European manufacturers decided to offer the same exact functionality and style at greatly reduced prices: the Porsche Design replica watches. These replicas are so similar to the brand name pieces that it is practically impossible to tell them apart, other than by their price. They look the same, they function the same and they definitely don't have the same prices  How would you like to browse through an amazing collection of these watches and marvel yourself with their low prices? Visit Prestige Replicas and see for yourself why sometimes replicas are so much better than the originals!
http://pugybyno56350.blogspot.com/
以下是发送方及接受方及主题:
发送方Maura Kendrick [ganyy@abc.com]
接受方ganyy@abc.com
主题Inexpensive Louis Vuitton bags |
|
狗仔卡
发表于 2008-4-23 15:50:07
收藏
分享
淘帖
支持
反对
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
楼主