Your guidance was of paramount help. Thank you again!! I tracked the issue down and here is my resolution…
Looking at the headers of the email message that should have been blocked based on zrd-dqs-ehlo I noticed those two lines that were messing with the spam score by adding a -5 to the total score:
-2.0 RCVD_IN_VALIDITY_SAFE RBL: Sender in Validity Safe - Contact
[email protected]
[Excessive Number of Queries | <https://knowledge.validity.com/hc/en-us/articles/20961730681243>]
-3.0 RCVD_IN_VALIDITY_CERTIFIED RBL: Sender in Validity Certification -
Contact [email protected]
[Excessive Number of Queries | <https://knowledge.validity.com/hc/en-us/articles/20961730681243>]
I am not interested in Validity’s RBL so I decided to disable these checks by following the instructions here.
Copying below for reference:
- Create the file
custom.cfby runningtouch /etc/mail/spamassassin/custom.cf(or open it if it exists) - Add the following content to the new file:
dns_query_restriction deny sa-trusted.bondedsender.org
dns_query_restriction deny sa-accredit.habeas.com
dns_query_restriction deny bl.score.senderscore.com
- Check for any errors with
spamassassin --lintand restart service withsystemctl restart spamd
After solving my issue, I started searching for “is validity’s RBL of any use?” and guess what I found?
By the way, a lot of people on the internet seem to suggest to disable checks to Validity RBL 