Hi guys,
thank you all for your advice!
Am 2024-05-10 22:39, schrieb Bowie Bailey:
The rules with the low scores are not intended to contribute to the
spam score for the email. They only have a defined score at all
because if the score is 0, SA will not run the rule.
It works like this:
Rule A has a score of 0.001
Rule B has a score of 0.001
Rule C is a meta that matches if both A and B match, and has a score of
5
It doesn't matter how small the scores are for rule A and B. The only
thing that matters is the score for rule C. If only A matches, then it
adds 0.001 to the score and the email is not spam. If only B matches,
then you get the same result. But if they both match, then you get a
score of 5.002. The entire point of the 0.001 score is that you could
match 100 of these rules and not affect the spam score.
These rules are generally things like, "the email has HTML", "there is
an SPF check", "there is a google drive link", etc. On their own, they
do not mean anything, but metas can combine these low-scored rules into
meaningful patterns that are then given larger scores.
Can I just take the names of the rules?
e.g. at least two checks should fire:
meta MULTIPLE_TESTS (( RAZOR2_CF_RANGE_51_100 + RAZOR2_CHECK +
URIBL_ABUSE_SURBL) > 1)
score MULTIPLE_TESTS 1
found in
X-Spam-Status: No, score=5.908 tagged_above=2 required=6.31
tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, FSL_BULK_SIG=0.001,
HTML_MESSAGE=0.001, RAZOR2_CF_RANGE_51_100=2.43, RAZOR2_CHECK=1.729,
SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_ABUSE_SURBL=1.948]