-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Rudd wrote:
> The number of messages that get flagged by Botnet but aren't spam is, in
> my observation across a few sites, less than one tenth of one percent.
Funnily enough, the reason this came up is that Botnet was flagging
messages at 5.1
Alex Woick wrote:
John Rudd wrote:
Botnet's score of 5 is meant to say "this message should be
quarantined or flagged for review". It's not saying "this message is
_definitely_ spam".
In my opinion, this is not quite according to the concept of
SpamAssassin. SA has a bunch of rules that gi
On Wednesday 04 July 2007, Alex Woick wrote:
> One hint alone is never enough, it always
> takes some of them until a threshold (5) is crossed
Except in the case where ONE hint IS enough.
(For some values of "hint" and some values of "enough".
For instance, a high Razor2 score (the hint) is en
John Rudd wrote:
Botnet's score of 5 is meant to say "this message should be quarantined
or flagged for review". It's not saying "this message is _definitely_
spam".
In my opinion, this is not quite according to the concept of
SpamAssassin. SA has a bunch of rules that give qualified hints
Cliff Stanford wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michele Neylon :: Blacknight wrote:
This is one of the reasons why using SA is so cool - you can customise
it to suit your needs!
Thanks all for all your most helpful responses.
I have edited the Botnet.cf file to reduce th
Cliff Stanford wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michele Neylon :: Blacknight wrote:
This is one of the reasons why using SA is so cool - you can customise
it to suit your needs!
Thanks all for all your most helpful responses.
I have edited the Botnet.cf file to reduce th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michele Neylon :: Blacknight wrote:
> This is one of the reasons why using SA is so cool - you can customise
> it to suit your needs!
Thanks all for all your most helpful responses.
I have edited the Botnet.cf file to reduce the score, for the time
René Berber wrote:
John Rudd wrote:
Botnet's score of 5 is meant to say "this message should be quarantined
or flagged for review". It's not saying "this message is _definitely_
spam".[snip]
The trouble is redundancy in scores, the BOTNET score is usually just the start
of a HELO_DYNAMIC_DHC
John Rudd wrote:
> Botnet's score of 5 is meant to say "this message should be quarantined
> or flagged for review". It's not saying "this message is _definitely_
> spam".[snip]
The trouble is redundancy in scores, the BOTNET score is usually just the start
of a HELO_DYNAMIC_DHCP,HELO_DYNAMIC_HC
My take on botnet scoring, like that of any "custom" rule is that I can
change the scoring to suit my requirements.
Considering the kind of users we deal with adding in the "default"
scores would have caused a lot of headaches, so I actually tested it
with scores of 0 on all to see how many hi
Botnet's score of 5 is meant to say "this message should be quarantined
or flagged for review". It's not saying "this message is _definitely_
spam".
Lots of people lower its score to something like 2-3 if they feel it's
too aggressive. I keep it at a 5, and have VERY FEW false positives.
On Tue, 2007-07-03 at 16:39 +0200, Cliff Stanford wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I'm still a bit vague on how the SpamAssassin rules fit together but
> I've noticed that, since upgrading to the latest version, I'm getting a
> lot of false positives.
>
> The common ca
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm still a bit vague on how the SpamAssassin rules fit together but
I've noticed that, since upgrading to the latest version, I'm getting a
lot of false positives.
The common cause seems to be Botnet.cf. Where a server has no reverse
DNS, BOTNET_NOR
13 matches
Mail list logo