Received-SPF: pass (Last token {include:_spf.mnsi.net} (res=PASS)) client-ip=216.8.137.208; envelope-from=<steve@psp101.net>; x-ip-name=surgemail-east.wndson17.mnsi.net;
X-Received: from surgemail.mnsi.net (surgemail-east.wndson17.mnsi.net [216.8.137.208])
by netwin.co.nz (SurgeMail 7.3p) with ESMTP id 5107036-1391920
for <surgemail-list@netwinsite.com>; Mon, 12 Nov 2018 20:16:29 +0000
X-Return-Path: steve
X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=216.8.136.155;
To: surgemail-list@netwinsite.com
From: Steve Perrault
Subject: [SurgeMail List] "Has Sent To Catcher"
Message-ID: <70ac70f4-fb36-d966-61fc-1641c45c01ee@psp101.net>
Date: Mon, 12 Nov 2018 15:16:25 -0500
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101
Thunderbird/60.3.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-X-Authenticated-User: sperraul@mnsi.net
X-Vpipe: Scanner said ok (av_avast)
X-X-SpamDetect: : -1.000000 NotSpamFlag=-1.0
X-NotAscii: charset=utf-8;
X-LangGuess: English
X-Probe: +OK skipped, user logged in
X-Phrase: IsSpam score=1.00
X-X-Encryption: SSL encrypted
X-X-MyRbl: Color=Yellow Age=0 Spam=0 Notspam=0 Stars=1 Good=94 Friend=105 Surbl=0 Catch=0 r=9.3e-05 ip=216.8.136.155
X-IP-stats: Catcher Isspam Notspam Incoming Last 0, First 1033, in=824064, out=0, spam=32 Known=true ip=216.8.136.155
X-Originating-IP: 216.8.137.208
X-Country: code=CA country="Canada" ip=216.8.137.208
X-Rcpt-To: <surgemail-list@netwinsite.com>
X-SpamDetect: *****: 5.0 sd=5.0 NoRule 0.04(X-myrbl:Color=white) 0.90(X-Phrase:isspam) 0.90(NumbericDomain) 0.24(StandardTLD) 0.74(X-Verify-Helo:-ERR) 0.27(X-NotAscii:utf) 0.40(spfpass) 0.43(X-LangGuess:English) Saned 5.0 sanitym 3.5 -> 5.0 NotSaned s=3.5 was=5.0 Sval 3.5
X-NotAscii: charset=utf-8;
X-LangGuess: English
X-Probe: +OK no bad urls to scan
X-Phrase: IsSpam score=1.00
X-Verify-Helo: -ERR missmatch: surgemail.mnsi.net->216.8.137.208->surgemail-east.wndson17.mnsi.net
X-MyRbl: Color=White Age=34 Spam=0 Notspam=0 Stars=0 Good=67 Friend=212 Surbl=0 Catch=0 r=0 ip=216.8.137.208
X-IP-stats: No info recorded yet ip=216.8.137.208
List-Unsubscribe: <mailto:surgemail-list-leave@netwin.co.nz?subject=unsubscribe>
X-Mailing-List: surgemail-list@netwin.co.nz
List-ID: <surgemail-list@netwin.co.nz>
Precedence: bulk
Reply-To: surgemail-list@netwin.co.nz
Got an IP causing a spam score with the cause "Has Sent To Catcher"
My logs only go back a few months, so this must have happened before
then. The IP is not in any emails in my aspam_catch folder, or aspam_bad
I've retrained, but it's still getting the score. I've tried tellmail
spf_clear, but no dice.
I see the rule for this:
if (isin("X-IP-stats","Notspam")) then^M
call spamdetect(-1,"NotSpamFlag")^M
else ^M
if (isin("X-IP-stats","Catcher")) then^M
call spamdetect(3,"Has Sent To Catcher")^M
end if ^M
if (isin("X-IP-stats","GreyPassed")) then^M
if (isin("X-IP-stats","First 0,")) then^M
call spamdetect(1,"GreyPassed")^M
end if ^M
end if ^M
end if ^M
^M
Where do I find this IP in the system, and how do I release it?
- SteveP
|