-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Daniel,
Saturday, July 19, 2003, 10:52:35 PM, you wrote: DC> Thanks, that really helped a lot. I think I now have a fairly DC> functional user_defs file. DC> In your email you used some tests I'm not familiar with: >> header MY_VIAGRA Subject =~ /[EMAIL PROTECTED]@[EMAIL PROTECTED]/i >> describe MY_VIAGRA Subject mentions viag[a]ra >> score MY_VIAGRA 555.55 DC> I only knew of the "score" test. I'd like to learn what other tests DC> there are and how to use them. Where should I go for that? Are there DC> any whitelist* tests other than whitelist_from? "score" isn't a test -- it's a command that says "set the score to xx.xx for the test that has this name." The reason "score VIAGRA 5.55" works is because the developers have included a test named VIAGRA in the basic SA package. We are then able to modify the score as appropriate for our varying needs. (For instance, my father insists on sending email with subjects in all caps. I therefore lower the score for the SUBJ_ALL_CAPS test so avoid flagging his emails as spam.) A test is something like the "header" definition I offered above. This is the definition of a header test, where the Subject header is tested for a regular expression. If it matches, then the corresponding score is applied, and if a report is generated then the corresponding description is included. DC> I am very new to SpamAssassin. Tell me if I understand it correctly: DC> SpamAssassin performs a series of tests on an email. For each test DC> performed, a value is added/subtracted. There is a certain DC> "threshold" which sepparates spam from "ham". Yes, I think you've got it. DC> Do I understand this correctly? If so, then I have two more questions: DC> - How do I find out my threshold? How do I change it? In your email headers should be a line similar to > X-Spam-Status: No, hits=-0.6 required=9.0 The "required" value is your threshold. I've increased mine from the default 5.0 to 9.0 to minimize the chances that valid email from my spammy father, or from my company's vendors, will be flagged erroneously as spam. YMMV. This threshold is set in the local.cf file or user_prefs (or both). As a domain webmaster on a shared server, I don't have access to local.cf, and so my threshold is specified in user_prefs. > required_hits 9 - From http://www.spamassassin.org follow the link to the documentation and then to the Top-level README file. It documents this parameter. I've also found the "tests" link from spamassassin.org to be very helpful in letting me know what was available. The scores inside that file may not apply to your installation, though -- they've very strongly version/release specific. I suggest (as was suggested to me): download the current installation file if you don't already have it, and check out the rules definitions and scores for yourself. Also on that documentations page is a link to Mail_SpamAssassin_Conf.html; it contains documentation about what is normally allowed (active) in a user_prefs file, and what isn't. (The header test I supplied above, for instance, is normally not able to run from within a user_prefs file. I've implemented some special programming to gain added flexibility within SA.) Do make sure you check out Matt Kettler's very valuable how-to (Matt: the copy I have doesn't have your URL inside -- can you provide it again?) Even if you are limited to the user_prefs file, and cant' yet activate your own rules, the information in there is very helpful. Finally, check out William Sterns' collected blacklist at http://www.stearns.org/sa-blacklist/sa-blacklist.current -- that blacklist occupies about 2/3 of my user_prefs file, and I wouldn't be without it. DC> - What is the threshold for "whitelist_from"? How do I change it? Whitelist_from has no threshold -- only a score. The default score is - -100; the test name is USER_IN_WHITELIST and you can give it a score just like you can the VIAGRA test. I haven't heard of anyone who has changed the score, though -- would you need to strengthen, or weaken, the whitelist? Bob Menschel -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPxtrxpebK8E4qh1HEQL9aACfcVx8SYldViyIUBPGtWLVPAh+nKkAoLQw K8rsPklICzXBxL936ujsV9JO =kq/v -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here: http://www.vmware.com/wl/offer/345/0 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
