[wp-trac] [WordPress Trac] #39709: Add filler content to New Site Registration email to avoid space ratio spam rule

WordPress Trac noreply at wordpress.org
Thu Jan 26 19:57:09 UTC 2017


#39709: Add filler content to New Site Registration email to avoid space ratio spam
rule
-------------------------+-----------------------------
 Reporter:  iandunn      |      Owner:
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  Awaiting Review
Component:  Mail         |    Version:
 Severity:  normal       |   Keywords:
  Focuses:  multisite    |
-------------------------+-----------------------------
 I noticed SpamAssassin on helpscout.net is coming very close to flagging
 the `New Site Registration` emails as spam.

 The biggest rule being triggered is
 [https://wiki.apache.org/spamassassin/Rules/TVD_SPACE_RATIO
 `TVD_SPACE_RATIO_MINFP`], with a weight of `2.5`, getting the message 50%
 of the way to the the default threshold of `5`. That rule looks for
 excessive whitespace in the message body, and I'm guessing it's being
 triggered by the high ratio of newlines to paragraph text. I uploaded
 [http://pastebin.com/tDyEfShL a pastebin with the full headers and body].

 I don't have time right now to verify whether or not helpscout.net is
 using the default SpamAssassin configuration, or if they've weighted this
 rule more heavily for some reason, but even if they have, it seems likely
 that others will as well. Additionally, the current message text seems
 like poor UX, and I think the fix for the spam issue would also fix that.

 I think the fix would be to add some filler text to the message body, to
 decrease the ratio of newlines to paragraph text. e.g.:

 > Howdy, this is your WordPress multisite installation at {example.org}. I
 thought you'd like to know that a new site was created. The details are
 below:

 It doesn't really matter what the text is, as long as it's a normal
 sentence or two, so whatever makes the most sense from a UX point of view
 will probably be fine.

 If the new text does include the domain name, I think we should avoid
 entering a full URL, because that could trigger other spam rules. (As an
 aside, I think it's generally a bad idea to include URLs in emails, since
 it trains users to expect and click them, which makes them more vulnerable
 to phishing. That's another ticket, though.)

 I think the next steps for this ticket would be:

 1. Reproduce the issue with a local SpamAssassin instance, to verify that
 `2.5` is the default score for this message (rather than something Help
 Scout modified)
 1. Test that adding some filler text will prevent the rule from being
 triggered. I don't think it'll really matter what the text is, for the
 purposes of testing.
 1. Decide on what the best text would be from a UX perspective

--
Ticket URL: <https://core.trac.wordpress.org/ticket/39709>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list