HOME / COMMUNITY Switch to knowledge base

Activation email snagged by spam filter

My activation email for ‘here’ got snagged as spam largely on account of
TVD_PH_SUBJ_ACCOUNTS_POST=3.099
which is a spamassassin filter that basically looks for the word “Account” in the subject line.
“Welcome to QuickFile Community” or similar would probably avoid this problem.

I’d be very surprised if they were filtering out any emails with the word “Account” in the subject line.

@zogstrip, have you heard any similar reports on other Discourse communities?

Hi Glenn,

you can see the default SpamAssassin regexp here:
http://www.antivirushelptool.com/spamassassin/header/TVD_PH_SUBJ_ACCOUNTS_POST
I am not a regexp expert (I’m of the “now you have two problems” school) but it appears to me that it is looking for things like “activate your account”.

Of itself it is not enough to trigger the filter; in my case I still had AHBL running on account of not updating spamassin for ages:
http://www.ahbl.org/content/changes-ahbl
and that pushed it over the limit (surprised that the absence of AHBL did this, but there you go).
Dom

As you say it probably wouldn’t be enough to tip it over the edge. The main thing we focused on was the SPF record is valid when we configured the SMTP on here.

Our forum platform is maintained by Discourse so I will see if they can shed any light on this.

If the “new account” subject lines are configurable and the current one used is getting caught by that regex, then we’ll certainly look at changing it.

Thanks for the feedback!

That’s the first time I’ve heard of such a report. Maybe @codinghorror did?

Hmm, here is TVD_PH_SUBJ_ACCOUNTS_POST per the documentation:

Subject =~ /\b(?:(?:re-?)?activat[a-z]*| secure| verify| restore| flagged| limited| unusual| update| report| notif(?:y| ication)| suspen(?:d| ded| sion)| co(?:n| m)firm[a-z]*) (?:[a-z_,-]+ )*?accounts?\b/i

Our title is

[Discourse] Activate your new account

That does seem to match the above subject regex, which is odd… and annoying.

I test signed up for Twitter just now and I got an email of the form

Confirm your Twitter account, {username}

So I guess I’ll change the copy to that, seems harmless enough.

2 Likes

Which works just fine up until the spammers / phishers also have a look at the SpamAssassin regexp and realise that they too should use a Twitter-style “Confirm your account” Subject line. It’s not my trainset but I do humbly suggest that something along the lines of “Welcome to $thing Community” will cause fewer problems for longer. Or perhaps “Complete registration for $thing community”.

NB the rule regarding “Local part of To: address appears in Subject” - which would appear to weigh against the use of {username}.