Re: {SPAM} SA 3.01 scoring very low
On Wed, 2004-11-03 at 21:52, Matt Kettler wrote: > At 04:40 PM 11/3/2004, Dave Goodrich wrote: > >Good afternoon, > > > >I just finished testing an upgrade of SA to 3.01 and my scores fell > >through the floor. Read the docs, tried to use the Wiki, followed everyone > >else's upgrade on the list. Not sure just what went wrong. > > > >DAve > > > >Here is a sample output of spamassassin -D < test_spam (a known spam that > >had been caught and scored as follows, > > > >debug: received-header: unknown format: > >debug: received-header: unknown format: > >debug: received-header: unknown format: > >debug: received-header: unknown format: > > > > There's the cause of your problem.. SA is having problems parsing your > received headers. > > As a result, SA is failing to properly detect a trust path, and is > triggering ALL_TRUSTED, which should never happen for outside mail. > In the short term, force ALL_TRUSTED to 0 Matt, does this mean that even if trusted_networks is set in local.cf, SpamAssassin will fire the ALL_TRUSTED rule even if it can't parse the received headers? i.e. Since there are no parsable received headers, SA will assume that all must have been trusted? Seems a bit aggressive to me... - Sean
Re: {SPAM} SA 3.01 scoring very low
At 04:40 PM 11/3/2004, Dave Goodrich wrote: Good afternoon, I just finished testing an upgrade of SA to 3.01 and my scores fell through the floor. Read the docs, tried to use the Wiki, followed everyone else's upgrade on the list. Not sure just what went wrong. DAve Here is a sample output of spamassassin -D < test_spam (a known spam that had been caught and scored as follows, debug: received-header: unknown format: debug: received-header: unknown format: debug: received-header: unknown format: debug: received-header: unknown format: There's the cause of your problem.. SA is having problems parsing your received headers. As a result, SA is failing to properly detect a trust path, and is triggering ALL_TRUSTED, which should never happen for outside mail. debug: tests=ALL_TRUSTED,DRUGS_ERECTILE,FROM_NO_LOWER,INVALID_DATE,MISSING_SUBJECT,RM_hm_EmtyMsgid debug: subtests=__DRUGS_ERECTILE3,__DRUGS_ERECTILE_C,__SARE_HTML_HAS_MSG,__UNUSABLE_MSGID In the short term, force ALL_TRUSTED to 0 score ALL_TRUSTED 0 Open a bug report pointing out that SA isn't parsing your recieved headers. After you create the bug, attach a sample message to the bug so that the devs can test and fix things.