SpamAssassin: avoid FREEMAIL_REPLYTO on Contact Form


I do not think you can do anything about it, as these rules are exactly matching what you're doing. I would say the rules get way too many spam points and discriminate against freemail, as your use case definitely shows, but that's a decision of the SpamAssassin devs.

If it only goes to your mailserver, change the SpamAssassin config. It's perfectly normal that you reassign different points for different use cases.

Another solution is to add negative spam points for this use case. You can add some "via_webform -5.0" rule, i.e. by setting an X-via-webform header when sending the mail and matching it with SpamAssassin.

Using only internal routing may score you "only trusted relays" negative points as well.

Or consider not running SpamAssassin on these mails and filter in the webform, i.e. with a captcha only.
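A sketch of the negative-score rule described in this answer, added here as an example and not part of the original post. The rule names, the token placeholder and the `trusted_networks` address are assumptions; the first rule is the weak form (any outside sender can add the header and collect the bonus), the second ties the bonus to a secret header value and to the stock `ALL_TRUSTED` rule.

```conf
# /etc/mail/spamassassin/local.cf  (path varies by distribution)

# --- Weak form: matches on the mere presence of the header ---------------
# Anyone who learns the header name can add it to spam and gain -5.0.
# header   VIA_WEBFORM_WEAK  exists:X-Via-Webform
# score    VIA_WEBFORM_WEAK  -5.0

# --- Hardened form --------------------------------------------------------
# The web server that runs the contact form must be listed as trusted so
# that ALL_TRUSTED can fire for its mail. 192.0.2.10 is a constructed
# documentation address; use the form server's real address.
trusted_networks 192.0.2.10

# Sub-rule (double underscore: no score of its own). The contact-form
# script sets X-Via-Webform to a long random value known only to it and
# to this config. The value below is a placeholder.
header   __WEBFORM_TOKEN  X-Via-Webform =~ /^REPLACE-WITH-LONG-RANDOM-VALUE$/

# Grant the bonus only when the token matches AND the message passed
# through trusted relays only, so a leaked token is useless from outside.
meta     VIA_WEBFORM      (__WEBFORM_TOKEN && ALL_TRUSTED)
describe VIA_WEBFORM      Contact-form mail from our own web server
score    VIA_WEBFORM      -5.0
```

Run `spamassassin --lint` after editing to catch syntax errors before reloading the daemon.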


Sygmoral
Author by

Sygmoral

Updated on September 18, 2022

Comments

  • Sygmoral
    Sygmoral almost 2 years

    Suppose: someone fills out my contact form on www.example.com/contact/.

    My server-side script sends this information to a sales person at the organization.

    • To make SPF work, I set the "From" as [email protected]
    • To make the "Reply" button work (for the sales person), I set "Reply-To" to the email address that the website visitor has filled in

    Now, apparently this is a problem: if someone fills in the contact form with a gmail or hotmail email address for example, it triggers the following SpamAssassin rules:

    • 2.1 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
    • 1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different freemails

    How am I supposed to avoid that while keeping SPF working and keeping the Reply button working for the person that receives this email? Or is it simply not possible?

    Note that I do not want to change SpamAssassin config because I would like to figure out how to fix this in general.

    • Alessandro Carini
      Alessandro Carini almost 8 years
      Does your server-side script send the mail from the server IP or through a relay? In the former case, just check if it is possible to whitelist that IP.
    • Kondybas
      Kondybas almost 8 years
      What MTA have you used?