We received lots of these emails to multiple valid email accounts: May-03-14 19:18:00 id-08680-05722 [Worker_4] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] Originating IP/HELO: 70.164.26.66 / wsip-70-164-26-66.ri.ri.cox.net May-03-14 19:18:00 id-08680-05722 [Worker_4] [MissingMX] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] [scoring] MX missing (cache): royalthames.com May-03-14 19:18:00 id-08680-05722 [Worker_4] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] Message-Score: added 10 (mxValencePB) for MX missing (cache): royalthames.com, total score for this message is now 10 May-03-14 19:18:00 id-08680-05722 [Worker_4] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] HMM-Check has given less than 6 results - using monitoring mode only May-03-14 19:18:00 id-08680-05722 [Worker_4] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] HMM Check [monitoring] - Prob: 0.92506 => spam May-03-14 19:18:00 id-08680-05722 [Worker_4] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] Bayesian Check - Prob: 0.00871 => ham May-03-14 19:18:00 id-08680-05722 [Worker_4] [MessageOK] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] message ok [invoice 052019417E AI5KSP] -> /Applications/assp/okmail/--172831.eml May-03-14 19:18:00 [Worker_5] Connected: session:7FA119A169C0 192.168.1.2:36416 > 192.168.1.9:25 > 127.0.0.1:10026 May-03-14 19:18:00 [Worker_4] Finished message - received DATA size: 1.52 kByte - sent DATA size: 2.24 kByte May-03-14 19:18:00 [Worker_4] Disconnected: session:7FA0F6A0F900 192.168.1.2 - processing time 0 seconds May-03-14 19:18:01 [Worker_5] Info: VRFY - found [email protected] in VRFY-cache (ldaplistdb) May-03-14 19:18:01 id-08680-10136 [Worker_5] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] Originating IP/HELO: 70.164.26.66 / wsip-70-164-26-66.ri.ri.cox.net May-03-14 19:18:01 id-08680-10136 [Worker_5] [MissingMX] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] [scoring] MX missing (cache): royalthames.com May-03-14 19:18:01 id-08680-10136 [Worker_5] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] Message-Score: added 10 (mxValencePB) for MX missing (cache): royalthames.com, total score for this message is now 10 May-03-14 19:18:01 id-08680-10136 [Worker_5] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] HMM-Check has given less than 6 results - using monitoring mode only May-03-14 19:18:01 id-08680-10136 [Worker_5] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] HMM Check [monitoring] - Prob: 0.92506 => spam May-03-14 19:18:01 id-08680-10136 [Worker_5] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] Bayesian Check - Prob: 0.00871 => ham May-03-14 19:18:01 id-08680-10136 [Worker_5] [MessageOK] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] message ok [invoice 052019417E AI5KSP] -> /Applications/assp/okmail/--172832.eml May-03-14 19:18:01 [Worker_4] Connected: session:7FA119848298 192.168.1.2:36417 > 192.168.1.9:25 > 127.0.0.1:10026 May-03-14 19:18:01 [Worker_5] Finished message - received DATA size: 1.52 kByte - sent DATA size: 2.24 kByte May-03-14 19:18:01 [Worker_5] Disconnected: session:7FA119A169C0 192.168.1.2 - processing time 1 seconds May-03-14 19:18:01 [Worker_4] Info: VRFY - found [email protected] in VRFY-cache (ldaplistdb) May-03-14 19:18:02 id-08681-10707 [Worker_4] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] Originating IP/HELO: 70.164.26.66 / wsip-70-164-26-66.ri.ri.cox.net May-03-14 19:18:02 id-08681-10707 [Worker_4] [MissingMX] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] [scoring] MX missing (cache): royalthames.com May-03-14 19:18:02 id-08681-10707 [Worker_4] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] Message-Score: added 10 (mxValencePB) for MX missing (cache): royalthames.com, total score for this message is now 10 May-03-14 19:18:02 id-08681-10707 [Worker_4] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] HMM-Check has given less than 6 results - using monitoring mode only May-03-14 19:18:02 id-08681-10707 [Worker_4] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] HMM Check [monitoring] - Prob: 0.92506 => spam May-03-14 19:18:02 id-08681-10707 [Worker_4] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] Bayesian Check - Prob: 0.00871 => ham May-03-14 19:18:02 id-08681-10707 [Worker_4] [MessageOK] 192.168.1.2 [OIP: 70.164.26.66] <[email protected]> to: [email protected] message ok [invoice 052019417E AI5KSP] -> /Applications/assp/okmail/--172833.eml
etc How can I get the HMM-Check to get more than 6 results so that it blocks the email? Email header is: From: [email protected], [email protected] Subject: invoice 052019417E / AI5KSP Date: 3 May 2014 8:19:35 PM AEST To: [email protected] Return-Path: <[email protected]> Delivered-To: [email protected] Received: from astaro1.bordo.com.au (localhost [127.0.0.1]) by mail.bordo.com.au (Postfix) with ESMTP id 05A383AF8FC6 for <[email protected]>; Sat, 3 May 2014 19:18:01 +1000 (EST) Received: from astaro1.bordo.com.au ([192.168.1.2] helo=astaro1.bordo.com.au) by mail.bordo.com.au with SMTP (2.4.2); 3 May 2014 19:18:01 +1000 Received: from wsip-70-164-26-66.ri.ri.cox.net ([70.164.26.66]:9803) by astaro1.bordo.com.au with esmtp (Exim 4.76) (envelope-from <[email protected]>) id 1WgW4M-0007lF-0u; Sat, 03 May 2014 19:17:20 +1000 Message-Id: <[email protected]> User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="------------050301030700030305050509" X-Assp-Id: mail.bordo.com.au id-08681-10707 X-Assp-Session: 7FA119848298 (mail 1) X-Assp-Oip: 70.164.26.66 X-Assp-Envelope-From: [email protected] X-Assp-Intended-For: [email protected] X-Assp-Version: 2.4.2(14121) on mail.bordo.com.au X-Assp-Received-Spf: none (cache) ip=70.164.26.66 [email protected] helo=wsip-70-164-26-66.ri.ri.cox.net X-Original-Authentication-Results: mail.bordo.com.au; spf=none X-Assp-Message-Score: 10 (MX missing (cache): royalthames.com) X-Assp-Ip-Score: 10 (MX missing (cache): royalthames.com) X-Assp-Detected-Uri: googleusercontent.com(1), wizzair.com(2), royalthames.com(1) X-Assp-Spam-Prob: 0.00871 X-Assp-Hmm-Spam-Prob: 0.92506 X-Assp-Spam-Level: *** Email body is just a link to an image. ASSP version 2.4.2(14123) Thanks, James. ------------------------------------------------------------------------------ Is your legacy SCM system holding you back? Join Perforce May 7 to find out: • 3 signs your SCM is hindering your productivity • Requirements for releasing software faster • Expert tips and advice for migrating your SCM now http://p.sf.net/sfu/perforce _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
