I've enabled SpamAssassin on one of my domains and set the tag level to 3 and the quarantine level to 4 on one of the email accounts. It seemed to be working until I got an email today that wasn't tagged or quarantined. When I looked at the full header I saw it contained:
Subject: 0nline software, Download Macromedia, Windows & others Instantly
Date: Wed, 02 Nov 2005 15:01:53 +0300
X-MimeOLE: Produced By Microsoft MimeOLE V4.71.2730.2
Content-Type: multipart/mixed; boundary="--aJMZgeF49dfvH6aCF"
X-DH-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at enforcer
X-Spam-Status: No, hits=12.3 tagged_above=-999.0 required=999.0
tests=HELO_DYNAMIC_IPADDR, HTML_MESSAGE, HTML_TAG_EXIST_TBODY,
MIME_HTML_ONLY, RCVD_IN_NJABL_DUL, URIBL_AB_SURBL, URIBL_SBL,
Doesn't "hits=12.3" mean it should have been tagged or in fact quarantined? I don't get why it contains right after "tagged_above=-999.0 required=999.0" when these are not my settings for the account.
The only thing I can think of is this email came from an alias on a different domain that forwards to the account vs. straight to the account email address. I've read that SpamAssassin doesn't block email that comes from another DreamHost domain, it only blocks when the email first hits a DreamHost domain. But the other domain has Spam Assassin enabled, but doesnt' have any real mailboxes, just forwards to other real email addresses in other domains, so how am I to get spam blocking.
Surely there is a way for SpamAssassin to handle this properly without me setting up real mailboxes for every forwarding address and having to manage SpamAssassin settings and quarantine folders on multiple domains...