C-Command Software Forum

SS Catching all but one Source of Spam...

SS is Catching all but one Source of Spam…HTML ads for Viagra, I have tried to train SS to recognize these ads, but nothing works because they are coming from my own spoofed email address.

Is there a perference to tag HTML emails that come from certain email addresses that are in my address book (mine)

—The webserver I use does recongize these Adds and gives the point system below, not sure if its any help, but here are the 3 I received today, they are all the same add from my own email address:

Spam detection software, activated on this account, has identified
this incoming email as possible spam. The original message has been
attached to this so you can view it (if it isn’t spam) or block
similar future email. Visit the email manager or contact the email
administrator for details.

Content preview: Great news You have received this email because you subscribed
to the Cokyjgefy email newsletter. If you have trouble reading this email,
click here to view the web version. Forward this Email to a Friend …]

Content analysis details: (16.0 points, 5.1 required)

pts rule name description


1.6 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist
[URIs: lyifusas.cn]
2.1 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
[URIs: lyifusas.cn]
2.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URIs: lyifusas.cn]
2.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist
[URIs: lyifusas.cn]
1.5 EXCUSE_REMOVE BODY: Talks about how to be removed from mailings
2.2 HTML_IMAGE_ONLY_24 BODY: HTML: images with 2000-2400 bytes of words
0.0 HTML_MESSAGE BODY: HTML included in message
1.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
1.6 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address
[83.21.162.181 listed in dnsbl.sorbs.net]
0.5 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
[83.21.162.181 listed in zen.spamhaus.org]

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.


Spam detection software, activated on this account, has identified
this incoming email as possible spam. The original message has been
attached to this so you can view it (if it isn’t spam) or block
similar future email. Visit the email manager or contact the email
administrator for details.

Content preview: Updates Can’t see the images? View a website version here.
Subscription Administration You are receiving this Email Alert because you
are subscribed to updates from Iyzqn Daily. Unsubscribe? Clicking the “junk”
button in your email client won’t take you off our list. If you want to unsubscribe,
please do it properly by removing yourself from our list. …]

Content analysis details: (05.2 points, 5.1 required)

pts rule name description


0.5 FH_HELO_EQ_D_D_D_D Helo is d-d-d-d
2.9 HELO_DYNAMIC_IPADDR Relay HELO’d using suspicious hostname (IP addr
1)
0.0 HTML_MESSAGE BODY: HTML included in message
1.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.1 RDNS_DYNAMIC Delivered to trusted network by host with
dynamic-looking rDNS

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.


Spam detection software, activated on this account, has identified
this incoming email as possible spam. The original message has been
attached to this so you can view it (if it isn’t spam) or block
similar future email. Visit the email manager or contact the email
administrator for details.

Content preview: About this mailing: You are receiving this e-mail because
you subscribed to MSN Featured Offers. If you do not wish to receive this
MSN Featured Offers e-mail, please click the “Unsubscribe” link below. This
will not unsubscribe you from e-mail communications from third-party advertisers
that may appear in MSN Feature Offers. This shall not constitute an offer
by MSN. MSN shall not be responsible or liable for the advertisers’ content
nor any of the goods or service advertised. Prices and item availability
subject to change without notice. …]

Content analysis details: (19.4 points, 5.1 required)

pts rule name description


2.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist
[URIs: sdecinam.cn]
0.5 FH_HELO_EQ_D_D_D_D Helo is d-d-d-d
2.9 HELO_DYNAMIC_IPADDR Relay HELO’d using suspicious hostname (IP addr
1)
0.0 MISSING_DATE Missing Date: header
1.8 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words
0.0 HTML_MESSAGE BODY: HTML included in message
1.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
1.6 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist
[URIs: sdecinam.cn]
2.1 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
[URIs: sdecinam.cn]
2.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URIs: sdecinam.cn]
0.5 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
[URIs: sdecinam.cn]
[124.122.45.186 listed in zen.spamhaus.org]
0.1 RDNS_DYNAMIC Delivered to trusted network by host with
dynamic-looking rDNS
0.6 HTML_SHORT_LINK_IMG_3 HTML is very short with a linked image
2.8 RATWARE_MS_HASH Bulk email fingerprint (msgid ms hash) found

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.

That’s easy to correct. Please see this page about using the “Exclude my addresses” feaure.