Re: *****SPAM***** Re: DNS list service to detect the registrar barrier
From: "arni" <[EMAIL PROTECTED]> jdow schrieb: You are if you're the only one dumb enough to run email from this list through SpamAssassin then you might be. I dont exactly know why you have to flame people on this mailinglist but i'm gonna explain it to you: This list offers a great way to learn bayes with spam related ham, which is in my opinion on of the best hams around. It is spam related, so it might contain tokens that are also found in spam and it a great way to show bayes that these tokens are not only present in spam, but can also be in ham. I assure you that was not a flame. I do agree I did not frame it as a suggestion. But the concept seems so obvious to me that it seems silly someone does not determine unambiguously that the email came from this list and then completely bypass SpamAssassin. With procmail an "effective" but not bullet proof method exists that is fairly simple to apply. (And if someone DOES spoof it the email ends up in my SA users list folder where it becomes instant grist for the mill.) You can also use whitelist_from_rcvd. But that's not as machine efficient. {^_^}
Re: *****SPAM***** Re: DNS list service to detect the registrar barrier
jdow schrieb: You are if you're the only one dumb enough to run email from this list through SpamAssassin then you might be. I dont exactly know why you have to flame people on this mailinglist but i'm gonna explain it to you: This list offers a great way to learn bayes with spam related ham, which is in my opinion on of the best hams around. It is spam related, so it might contain tokens that are also found in spam and it a great way to show bayes that these tokens are not only present in spam, but can also be in ham. arni
Re: *****SPAM***** Re: DNS list service to detect the registrar barrier
You are if you're the only one dumb enough to run email from this list through SpamAssassin then you might be. {o.o} - Original Message - From: "arni" <[EMAIL PROTECTED]> To: "mouss" <[EMAIL PROTECTED]> Cc: Sent: Monday, 2007, July 02 13:06 Subject: Re: *****SPAM***** Re: DNS list service to detect the registrar barrier am i the only one getting a pretty solid false positive on the previous post? X-Spam-Report: * 0.0 DKIM_POLICY_SIGNSOME Domain Keys Identified Mail: policy says domain * signs some mails * 2.5 SARE_SPOOF_COM2COM URI: a.com.b.com * 2.0 SPOOF_COM2OTH URI: URI contains ".com" in middle * 2.5 SARE_SPOOF_COM2OTH URI: a.com.b.c * 2.3 SPOOF_COM2COM URI: URI contains ".com" in middle and end * -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1% * [score: 0.]
Re: *****SPAM***** Re: DNS list service to detect the registrar barrier
Nope, you're not. Marc's first example line quoted by Mouss hit 4 different spam rules for the same error, for a total of 9.3 points. Odd that the original post by Marc did't get flagged. The reference to perkel.com.rb . outht to flag 1 hit, not 4 for the same line in the email! If any one of these rules had not piled on, BAYES_00 would have brought the score down to a non-spam level. On Mon, 2007-07-02 at 22:06 +0200, arni wrote: > am i the only one getting a pretty solid false positive on the previous > post? > > X-Spam-Report: > * 0.0 DKIM_POLICY_SIGNSOME Domain Keys Identified Mail: policy says > domain > * signs some mails > * 2.5 SARE_SPOOF_COM2COM URI: a.com.b.com > * 2.0 SPOOF_COM2OTH URI: URI contains ".com" in middle > * 2.5 SARE_SPOOF_COM2OTH URI: a.com.b.c > * 2.3 SPOOF_COM2COM URI: URI contains ".com" in middle and end > * -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1% > * [score: 0.] -- Lindsay Haisley | "In an open world,| PGP public key FMP Computer Services |who needs Windows | available at 512-259-1190 | or Gates"| http://pubkeys.fmp.com http://www.fmp.com| |
Re: *****SPAM***** Re: DNS list service to detect the registrar barrier
am i the only one getting a pretty solid false positive on the previous post? X-Spam-Report: * 0.0 DKIM_POLICY_SIGNSOME Domain Keys Identified Mail: policy says domain * signs some mails * 2.5 SARE_SPOOF_COM2COM URI: a.com.b.com * 2.0 SPOOF_COM2OTH URI: URI contains ".com" in middle * 2.5 SARE_SPOOF_COM2OTH URI: a.com.b.c * 2.3 SPOOF_COM2COM URI: URI contains ".com" in middle and end * -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1% * [score: 0.]