On Sunday 01 May 2005 04:49 pm, John Andersen wrote: > On Sunday 01 May 2005 02:02 am, Roman Serbski wrote: > > Hi all, > > > > What was the highest score you've ever seen? I received a message > > yesterday that was scored with 51.9(!). =) > > Since you can control the scores by setting the score for one > or several tests, I just don't see how this is in any way meaningful. > > Most users adjust one or more scores to get rid of spam > that creep in under the radar. There is no reason to suspect > that exact same spam would get the same score for anyone > else.
How about this one, actually there are two like this: X-Spam-Status: Yes, score=132.2 required=5.0 tests=AWL,BAYES_99,DCC_CHECK, DIGEST_MULTIPLE,HTML_80_90,HTML_EVENT_UNSAFE,HTML_MESSAGE, HTML_MIME_NO_HTML_TAG,MIME_BOUND_DD_DIGITS,MIME_HTML_ONLY, MIME_HTML_ONLY_MULTI,MIME_QP_LONG_LINE,MPART_ALT_DIFF,MSGID_SPAM_CAPS, NORMAL_HTTP_TO_IP,PYZOR_CHECK,RAZOR2_CF_RANGE_51_100, RCVD_HELO_IP_MISMATCH,RCVD_IN_XBL,RCVD_NUMERIC_HELO,RM_t_bobbf, SARE_FORGED_EBAY,SPF_SOFTFAIL autolearn=disabled version=3.0.3 X-Spam-Pyzor: Reported 1 times. X-Spam-Report: * 0.1 RM_t_bobbf Definate spam destination email address * 3.8 MSGID_SPAM_CAPS Spam tool Message-Id: (caps variant) * 4.1 MIME_BOUND_DD_DIGITS Spam tool pattern in MIME boundary * 0.5 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) * [SPF failed: Please see http://spf.pobox.com/why.html?sender=aw-confirm%40eBay.com&ip=212.118.20.121&receiver=cpollock.localdomain] * 2.2 RCVD_HELO_IP_MISMATCH Received: HELO and IP do not match, but should * 1.2 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO * 0.0 NORMAL_HTTP_TO_IP URI: Uses a dotted-decimal IP address in URL * 0.1 HTML_80_90 BODY: Message is 80% to 90% HTML * 0.0 HTML_MESSAGE BODY: HTML included in message * 0.1 MPART_ALT_DIFF BODY: HTML and text parts are different * 0.1 RAZOR2_CF_RANGE_51_100 BODY: Razor2 gives confidence level above 50% * [cf: 100] * 3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100% * [score: 0.9992] * 0.2 MIME_HTML_ONLY BODY: Message only has text/html MIME parts * 0.5 HTML_EVENT_UNSAFE BODY: HTML contains unsafe auto-executing code * 0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars * 3.5 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/) * 2.2 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/) * 3.1 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL * [212.118.20.121 listed in sbl-xbl.spamhaus.org] * 0.1 DIGEST_MULTIPLE Message hits more than one network digest check * 0.1 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag * 104 SARE_FORGED_EBAY Message appears to be forged, (ebay.com) * 2.4 MIME_HTML_ONLY_MULTI Multipart message only has text/html MIME parts * 0.4 AWL AWL: From: address is in the auto white-list I can see though that I'm going to have to make an adjustment to my auto whitelist. -- Chris Registered Linux User 283774 http://counter.li.org 19:23:23 up 6 days, 13:25, 2 users, load average: 1.37, 1.23, 0.75 Mandriva Linux 10.1 Official, kernel 2.6.8.1-12mdk ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Our business in life is not to succeed but to continue to fail in high spirits. -- Robert Louis Stevenson ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~