local.cf dnsbl.cf backhair.cf chickenpox.cf weeds2.cf
-- Bernard Robbins ___________________________________________ [EMAIL PROTECTED] src]# make me --with-more_time --with-more_money 90% of being smart is knowing what you're dumb at.
Frank Tore Johansen wrote:
Hi, I've been running Spamassassin 2.63 since it came out, but lately more and more spam seems to slip by its tests. I have the following local rules:
99_FVGT_Tripwire.cf chickenpox.cf nov2rules.cf weedsonly.cf backhair.cf evilnumbers.cf oct03_headers.cf bigevil.cf local.cf oct03_rules.cf
evilnumbers.cf, bigevil.cf, backhair.cf and chickenpox.cf is updated
nightly. I personally get around 520 spam pr day, and with a required
hits of 3, an average of 4 gets through every day. A colleague of mine
uses a required hits of 5, and the last few day around 40 of 300 spams has gotten through spamassassin for him.
We both regularly train our bayesian filters with all the spam that gets through.
Basically, I'm looking for more tuning tips. Is there any other great ruleset that I should try out? How low do you dare set your required_hits? (Yes, I have whitelisted most common important emails, but not all). I haven't tried SURBL yet, could this help greatly?
-Frank.
#**** Header IP Address
header NERD_DK eval:check_rbl('nerd', 'zz.countries.nerd.dk.')
tflags NERD_DK net
score NERD_DK 0.1
header AUSTRALIA eval:check_rbl_sub('nerd', '127.0.0.36')
describe AUSTRALIA AUSTRALIA
tflags AUSTRALIA net
score AUSTRALIA 2.0
header BELGIUM eval:check_rbl_sub('nerd', '127.0.0.56')
describe BELGIUM BELGIUM
tflags BELGIUM net
score BELGIUM 2.0
header BRAZIL eval:check_rbl_sub('nerd', '127.0.0.76')
describe BRAZIL BRAZIL
tflags BRAZIL net
score BRAZIL 3.0
header CANADA eval:check_rbl_sub('nerd', '127.0.0.124')
describe CANADA CANADA
tflags CANADA net
score CANADA 2.0
header CHINA eval:check_rbl_sub('nerd', '127.0.0.156')
describe CHINA CHINA
tflags CHINA net
score CHINA 3.0
header FRANCE eval:check_rbl_sub('nerd', '127.0.0.250')
describe FRANCE FRANCE
tflags FRANCE net
score FRANCE 2.0
header GERMANY eval:check_rbl_sub('nerd', '127.0.0.250')
describe GERMANY GERMANY
tflags GERMANY net
score GERMANY 2.0
header HONGKONG eval:check_rbl_sub('nerd', '127.0.1.88')
describe HONGKONG HONGKONG
tflags HONGKONG net
score HONGKONG 3.0
header IRELAND eval:check_rbl_sub('nerd', '127.0.1.116')
describe IRELAND IRELAND
tflags IRELAND net
score IRELAND 2.0
header JAPAN eval:check_rbl_sub('nerd', '127.0.1.136')
describe JAPAN JAPAN
tflags JAPAN net
score JAPAN 3.0
header KOREA eval:check_rbl_sub('nerd', '127.0.1.154')
describe KOREA KOREA
tflags KOREA net
score KOREA 3.0
header MEXICO eval:check_rbl_sub('nerd', '127.0.1.228')
describe MEXICO MEXICO
tflags MEXICO net
score MEXICO 2.0
header NETHERLANDS eval:check_rbl_sub('nerd', '127.0.2.18')
describe NETHERLANDS NETHERLANDS
tflags NETHERLANDS net
score NETHERLANDS 3.0
header ROMANIA eval:check_rbl_sub('nerd', '127.0.2.182')
describe ROMANIA ROMANIA
tflags ROMANIA net
score ROMANIA 3.0
header SPAIN eval:check_rbl_sub('nerd', '127.0.2.212')
describe SPAIN SPAIN
tflags SPAIN net
score SPAIN 2.0
header TAIWAN eval:check_rbl_sub('nerd', '127.0.0.158')
describe TAIWAN TAIWAN
tflags TAIWAN net
score TAIWAN 3.0
header ORDB eval:check_rbl('ordb', 'relays.ordb.org.')
describe ORDB relays.ordb.org
tflags ORDB net
score ORDB 2.0
header SPAMCOP eval:check_rbl('spamcop', 'bl.spamcop.net.')
describe SPAMCOP bl.spamcop.net
tflags SPAMCOP net
score SPAMCOP 4.0
header SPAMHAUS eval:check_rbl('spamhaus', 'sbl.spamhaus.org.')
describe SPAMHAUS sbl.spamhaus.org
tflags SPAMHAUS net
score SPAMHAUS 3.0
header DSBL eval:check_rbl('dsbl', 'list.dsbl.org.')
describe DSBL list.dsbl.org
tflags DSBL net
score DSBL 3.0
header NJABL eval:check_rbl('njabl', 'dnsbl.njabl.org.')
describe NJABL dnsbl.njabl.org
tflags NJABL net
score NJABL 3.0
header SORBS eval:check_rbl('sorbs', 'dnsbl.sorbs.net.')
describe SORBS dnsbl.sorbs.net
tflags SORBS net
score SORBS 1.5
header ABUSEAT eval:check_rbl('abuseat', 'cbl.abuseat.org.')
describe ABUSEAT cbl.abuseat.org
tflags ABUSEAT net
score ABUSEAT 3.0report_safe 1 skip_rbl_checks 0 use_dcc 0 use_pyzor 0 use_razor2 0 dns_available yes clear_trusted_networks trusted_networks 172.16.0.0/16 clear_headers add_header spam Flag _YESNOCAPS_ add_header all Status _YESNO_, hits=_HITS_ required=_REQD_ tests=_TESTSSCORES(,)_ rbl=_RBL_ autolearn=_AUTOLEARN_ version=_VERSION_ rewrite_header Subject *****SPAM***** report_safe_copy_headers Delivered-To # Bayes Stuff bayes_auto_learn 1 use_bayes 1 bayes_auto_learn_threshold_spam 10.0 bayes_path /home/.spamassassin/bayes bayes_file_mode 0666 bayes_ignore_header X-Sanitizer bayes_ignore_header X-Sanitizer-URL bayes_ignore_header X-Sanitizer-Rev bayes_ignore_header X-Mime-Autoconverted bayes_ignore_header X-Spam-Checker-Version bayes_ignore_header X-Spam-Status bayes_ignore_header X-IP score BAYES_00 -5.0 score BAYES_05 -4.0 score BAYES_10 -3.0 score BAYES_25 -2.0 score BAYES_50 +0.0 score BAYES_75 +2.0 score BAYES_90 +3.0 score BAYES_95 +4.0 score BAYES_99 +5.0 # Settings allow_user_rules 0
