Re: AWL on 3.4
- Message from "Kevin A. McGrail" - There are several CVEs in that version of SA. 3.4.5 is imminent with the release created and votes necessary given. I know I for one will be looking forward to the end of 3.4 branch and the focus on 4.0. Anyway, you might want to upgrade. TxRep works but I agree it has some bugs. I'm hoping to pay more attention to them now that 4.0 is the active codebase. Regards, KAM Thanks Kevin. It is operating and flagging repeats with adjusted txrep as expected, so that is an indicator that it is at least broadly Working as Intended (TM). I've not set txrep_autolearn on yet, will monitor for a while. Simon On Sun, Mar 21, 2021 at 3:04 AM Simon Wilson wrote: - Message from John Hardin - Date: Sat, 20 Mar 2021 08:08:17 -0700 (PDT) From: John Hardin Subject: Re: AWL on 3.4 To: users@spamassassin.apache.org > On Sun, 21 Mar 2021, Simon Wilson wrote: > >> I've just migrated and updated to SA 3.4, and have moved the Bayes >> db to Redis. I used to use AWL but don't think the module is loaded >> in 3.4, am I correct? >> >> There seems to be mixed commentary online about whether to enable >> it - I'll leave it off for a few weeks and see how it goes, but am >> interested in comments on its usefulness? > > It pretty much been replaced by TxRep. - End message from John Hardin - Thanks. I enabled TxRep and will see how it goes. I did run into this bug: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7383 ...where you cannot tell txrep where the tx_reputation file is for systemwide use, but the patch in that bug works, so I have patched the txrep plugin that came with 3.4.2, and it now respects the auto_whitelist_path setting in local.cf. Simon -- Simon Wilson M: 0400 12 11 16 - End message from "Kevin A. McGrail" - -- Simon Wilson M: 0400 12 11 16
Re: Why no points for SPF_NONE?
On Sun, 21 Mar 2021 11:34:09 -0400 Greg Troxel wrote: > Steve Dondley writes: > > > I'm learning a bit about spamassassin rules and taking a peek at how > > my inbound mail is scored. I noticed that PF_NONE scores zero points > > by default. I'm wondering if there is a good reason for not giving > > it a score and whether I should set that to something much higher > > like 1.0. > > > > I'm curious to know what more experienced people have this set > > to. Thanks. > > The meta point is that scores are normally set by examining a large > corpus of ham and spam. You are implicitly adopting a theory that > SPF_NONE is correlated with spamminess, but you have not validated > that theory. The score of SPF_NONE is not set automatically and it was only turned-on as an informational rule a couple of years ago. The score distribution, in rule QA suggests it would stand a higher score. However, the KAM rules contain: header __KAM_SPF_NONEeval:check_for_spf_none() meta KAM_LAZY_DOMAIN_SECURITY (!__DKIM_EXISTS && __KAM_SPF_NONE) scoreKAM_LAZY_DOMAIN_SECURITY 1.0 This is better than scoring SPF_NONE directly as the check for a DKIM signature will mitigate SPF_NONE hits that are caused by networking problems.
Re: Why no points for SPF_NONE?
Steve Dondley writes: > I'm learning a bit about spamassassin rules and taking a peek at how > my inbound mail is scored. I noticed that PF_NONE scores zero points > by default. I'm wondering if there is a good reason for not giving it > a score and whether I should set that to something much higher like > 1.0. > > I'm curious to know what more experienced people have this set > to. Thanks. The meta point is that scores are normally set by examining a large corpus of ham and spam. You are implicitly adopting a theory that SPF_NONE is correlated with spamminess, but you have not validated that theory. Certainly if you have preferences you are welcome to set them in your own system. I score up icky things like HTML-only mail, mail where the text and html don't match, etc.. Basically when someone is doing things that violate standards or best practice, I'm less interested in reading it. However that is quite different from whether it is spam. In my case, I tend not to request content that has these issues, and thus *for me* mail that is nonconforming has a higher likelihood of being spam than would be true for a mailbox operated by a normal person. So, if when you get mail from your friends that is SPF_NONE, you hassle them about it and ask them to add an SPF record, maybe SPF_NONE is a clue of spam for your inbox. I find only a small % of both my ham and spam has SPF_NONE. I therefore don't think it has much predictive value. signature.asc Description: PGP signature
Why no points for SPF_NONE?
I'm learning a bit about spamassassin rules and taking a peek at how my inbound mail is scored. I noticed that PF_NONE scores zero points by default. I'm wondering if there is a good reason for not giving it a score and whether I should set that to something much higher like 1.0. I'm curious to know what more experienced people have this set to. Thanks.
Re: AWL on 3.4
There are several CVEs in that version of SA. 3.4.5 is imminent with the release created and votes necessary given. I know I for one will be looking forward to the end of 3.4 branch and the focus on 4.0. Anyway, you might want to upgrade. TxRep works but I agree it has some bugs. I'm hoping to pay more attention to them now that 4.0 is the active codebase. Regards, KAM -- Kevin A. McGrail Member, Apache Software Foundation Chair Emeritus Apache SpamAssassin Project https://www.linkedin.com/in/kmcgrail - 703.798.0171 On Sun, Mar 21, 2021 at 3:04 AM Simon Wilson wrote: > - Message from John Hardin - > Date: Sat, 20 Mar 2021 08:08:17 -0700 (PDT) > From: John Hardin > Subject: Re: AWL on 3.4 > To: users@spamassassin.apache.org > > > > On Sun, 21 Mar 2021, Simon Wilson wrote: > > > >> I've just migrated and updated to SA 3.4, and have moved the Bayes > >> db to Redis. I used to use AWL but don't think the module is loaded > >> in 3.4, am I correct? > >> > >> There seems to be mixed commentary online about whether to enable > >> it - I'll leave it off for a few weeks and see how it goes, but am > >> interested in comments on its usefulness? > > > > It pretty much been replaced by TxRep. > > > - End message from John Hardin - > > > Thanks. I enabled TxRep and will see how it goes. I did run into this bug: > > https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7383 > > ...where you cannot tell txrep where the tx_reputation file is for > systemwide use, but the patch in that bug works, so I have patched the > txrep plugin that came with 3.4.2, and it now respects the > auto_whitelist_path setting in local.cf. > > Simon > > -- > Simon Wilson > M: 0400 12 11 16 > >
Re: AWL on 3.4
- Message from John Hardin - Date: Sat, 20 Mar 2021 08:08:17 -0700 (PDT) From: John Hardin Subject: Re: AWL on 3.4 To: users@spamassassin.apache.org On Sun, 21 Mar 2021, Simon Wilson wrote: I've just migrated and updated to SA 3.4, and have moved the Bayes db to Redis. I used to use AWL but don't think the module is loaded in 3.4, am I correct? There seems to be mixed commentary online about whether to enable it - I'll leave it off for a few weeks and see how it goes, but am interested in comments on its usefulness? It pretty much been replaced by TxRep. - End message from John Hardin - Thanks. I enabled TxRep and will see how it goes. I did run into this bug: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7383 ...where you cannot tell txrep where the tx_reputation file is for systemwide use, but the patch in that bug works, so I have patched the txrep plugin that came with 3.4.2, and it now respects the auto_whitelist_path setting in local.cf. Simon -- Simon Wilson M: 0400 12 11 16
