LLNG mails flagged as spam by SpamAssassin
Affected version
Version: %2.16.2
Platform: Nginx
Summary
The mails sent by my instance of LemonLDAP are flagged as spam by SpamAssassin.
Details and possible fixes
Here are the detailed scores:
Spam detection results: 3
ALL_TRUSTED -1 Passed through trusted hosts only via SMTP
HTML_IMAGE_ONLY_12 1.629 HTML: images with 800-1200 bytes of words
HTML_MESSAGE 0.001 HTML included in message
KAM_DMARC_NONE 0.25 DKIM has Failed or SPF has failed on the message and the domain has no DMARC policy
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
MIME_HTML_ONLY 0.1 Message only has text/html MIME parts
MISSING_MID 0.14 Missing Message-Id: header
TO_NO_BRKTS_HTML_IMG 1.999 To: lacks brackets and HTML and one image
Most of this is irrelevant, because it is my internal MTA that is flagging the email so it is not yet dmark-ed and dkim-ed, but these scores are self-canceling with the ALL_TRUSTED rule.
The relevant rules are:
HTML_IMAGE_ONLY_12 1.629 HTML: images with 800-1200 bytes of words
MIME_HTML_ONLY 0.1 Message only has text/html MIME parts
TO_NO_BRKTS_HTML_IMG 1.999 To: lacks brackets and HTML and one image
- For the first one, i don't see an obvious fix, it would be dumb to add content to the email just for the shake of satisfying this rule.
- The second one is not really a huge problem but it can be an easy fix, it just need to add a text/plain part to the email next to the html version.
- The last one is also an easy fix. It triggers (among other reasons) because the
To:
field of the email don't contains brackets<>
. Currently, this containsTo: $mail
. I've fixed it temporary by editing https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/blob/v2.0/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm#L145 to containsTo => '<' . $mail . '>'
and it passes the rule correctly. A prettier solution would be to use the $cn of the user to forge a nice To field in the email, something like$cn . '<' . $mail . '>'
.