Matthew Cline wrote:
>I got the idea of creating rules that would be triggered depending upon what
>other rules had already been triggered, so that you could combine different
>tests for greater accuracy. For instance, the rule US_DOLLARS is described
>as a "Nigerian scam key phrase", but it's separate from the NIGERIAN_SCAM
>rules; the different rules simply add up if both of them are present. But if
>there a rule like:
>
> meta NIGERIAN_META (NIGERIAN_SCAM || NIGERIAN_SCAM_2) && US_DOLLARS
>
>So then you could shift points from the base rules to the meta rule, thus
>hopefully reducing false positives.
>
This strikes me as a poor locution. Wouldn't you want something like
meta NIGERIAN_META (Body =~ /<nigerian scam regexp>/ || Body =~
/<nigerian scam 2 regexp) && Body =~ /<us_dollars>/)
I mean, it seems more useful to be able to slide together tests
arbitrarily rather than by name, and for this reason: given the way the
GA seems to like to inexplicably push scores to zero, it's hard to spot
immediately if a multipoint test will pass or fail because some
component is zero, whereas the above would never have that problem. But
I can see how something like this would be useful as a "we're even more
sure this is spam" perspective.
In general, I'm wondering why more Perl eval's aren't being used
directly rather than the current method of parsing fragments.
--
http://www.pricegrabber.com | Dog is my co-pilot.
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
