Delivering mail to Hotmail

By Abhijit Menon-Sen <ams@toroid.org>

2010-04-22

I just helped a friend move mail service for a few domains from his old server to a new one running Postfix, Archiveopteryx, and Roundcube. The move went well, but for one thing: mail sent through the new server to Hotmail was accepted, but never delivered to the recipient's inbox, no matter how permissive the anti spam settings. (Mail sent to GMail and Yahoo worked fine.)

It took us a while to figure out what was going wrong. I had installed SpamAssassin (for the first time; I don't use it myself) as an SMTP content filter in Postfix, and it was adding spam evaluation fields to all mail, including mail relayed to the outside world for the system's users (who submit mail to Archiveopteryx, which forwards it to Postfix for delivery). SA added fields that said "this is not spam":

X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on example.com
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,AWL
    autolearn=ham version=3.2.5

We had eliminated other possible causes (bad hostname/PTR configuration, DNS blacklists, bad SPF records), so disabling SpamAssassin for outgoing mail was the next thing to try (and I wanted to do it anyway, as soon as I found out it was happening). It was easy to do. I applied the content filter only to mail received over the external network interface, and added a new SMTP service definition without any filters for mail from localhost. So in /etc/postfix/master.cf, I have:

127.0.0.1:smtp inet n - - - - smtpd
A.B.C.D:smtp inet n - - - - smtpd -o content_filter=spamassassin

spamassassin unix - n n - - pipe
    user=spamd argv=/usr/bin/spamc -f -e
    /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Fortunately, Hotmail started accepting and delivering mail from the new server after this change.

I wonder if spammers forge negative SpamAssassin reports in their mail. And… does it ever fool anyone?