James Hammett
EF4
Here's the relevant piece of the header from a flagged email:
X-Spam-Status: ... tests=[BAYES_50=0.001, HELO_LH_LD=[B]1.215[/B], RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SPF_NEUTRAL=0.686]
The big hits there are that HELO is set to localhost.localdomain (HELO_LH_LD) and that's triggering the outbound IP (64.150.187.170) to be listed in the Spamhaus XBL list. You can see the source of the listing here: http://cbl.abuseat.org/lookup.cgi?ip=64.150.187.170 . There are other less severe issues as well like no RDNS or SPF records configured.
Received: from localhost.localdomain (unknown [64.150.187.170])
by mail.***.com (Postfix) with ESMTP id 8A293BF995A9
for <***@***.com>; Wed, 13 Jul 2011 19:20:33 -0500 (CDT)
Assuming there's no underlying spambot infection this is an easy configuration change on the server.
X-Spam-Status: ... tests=[BAYES_50=0.001, HELO_LH_LD=[B]1.215[/B], RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SPF_NEUTRAL=0.686]
The big hits there are that HELO is set to localhost.localdomain (HELO_LH_LD) and that's triggering the outbound IP (64.150.187.170) to be listed in the Spamhaus XBL list. You can see the source of the listing here: http://cbl.abuseat.org/lookup.cgi?ip=64.150.187.170 . There are other less severe issues as well like no RDNS or SPF records configured.
Received: from localhost.localdomain (unknown [64.150.187.170])
by mail.***.com (Postfix) with ESMTP id 8A293BF995A9
for <***@***.com>; Wed, 13 Jul 2011 19:20:33 -0500 (CDT)
Assuming there's no underlying spambot infection this is an easy configuration change on the server.
