My FM mailbox just received false-positive spam email because of VADESPAM.
Code:
X-Spam-hits: BAYES_50 0.8, DCC_CHECK 1.1, ME_VADESPAM 5, ME_ZS_CLEAN -0.001, RCVD_IN_DNSWL_MED -2.3, SPF_PASS -0.001, LANGUAGES en, BAYES_USED user, SA_VERSION 3.4.2
This is surprising since it's a plaintext message from a .GOV sender containing no URLs at all, just a one-time code for 2FA. SPF, DKIM, and DMARC all pass. Only failure I see in the headers is x-ptr due to HELO misalignment.
Please consider adding rules that help .GOV and .MIL senders. Those two TLDs are tightly locked down.