Re: False positives with Razor2
On 5 Dec 2015, at 4:42, Torsten Bronger wrote: > Hallöchen! > > In http://wilson.bronger.org/37196 Nope: * Trying 176.199.175.106... * Connected to wilson.bronger.org (176.199.175.106) port 80 (#0) > GET /37196 HTTP/1.1 > Host: wilson.bronger.org > User-Agent: curl/7.45.0 > Accept: */* > < HTTP/1.1 403 Forbidden < Server: nginx/1.4.6 (Ubuntu) < Date: Sat, 05 Dec 2015 16:30:56 GMT < Content-Type: text/html; charset=iso-8859-1 < Content-Length: 290 < Connection: keep-alive < 403 Forbidden Forbidden You don't have permission to access /37196 on this server. Apache/2.4.7 (Ubuntu) Server at wilson.bronger.org Port 80
Re: False positives with Razor2
Hallöchen! Bill Cole writes: > On 5 Dec 2015, at 4:42, Torsten Bronger wrote: > >> In http://wilson.bronger.org/37196 > > Nope: Sorry, works now. Tschö, Torsten. -- Torsten BrongerJabber ID: torsten.bron...@jabber.rwth-aachen.de
False positives with Razor2
Hallöchen! In http://wilson.bronger.org/37196 you see a mail from myself to myself which was marked by Razor2. This is hilarious since I don't report anything to Razor and such messages are only seen by me. Is Razor still being maintained? The webpage doesn't look like this. Should I just set the Razor scores to zero? Tschö, Torsten. -- Torsten BrongerJabber ID: torsten.bron...@jabber.rwth-aachen.de
Re: False positives with Razor2
On 5 Dec 2015, at 14:46, Torsten Bronger wrote: Hallöchen! Bill Cole writes: On 5 Dec 2015, at 4:42, Torsten Bronger wrote: In http://wilson.bronger.org/37196 Nope: Sorry, works now. This: -5.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.] 3.0 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) 3.0 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% [cf: 100] 6.0 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level above 50% [cf: 100] Indicates that someone has sabotaged your SA scores. Those are entirely insane scores for those tests. If the default values were used, that message would not have been misclassified. Note that while the Razor client package has not been updated recently, it is not something that needs substantial ongoing development: the critical component of Razor is in the fingerprint data on Cloudmark's servers. What this particular false positive probably means is that someone reported a message with an URL similar to one in that message as spam. Razor (like Cloudmark Authority, its commercial cousin) does poorly with low-occurrence URLs. That's why razor-whitelist exists. Use it. And don't trust whoever set your BAYES and RAZOR scores to have anything to do with your spam control.