>>>... >> Pierre, >> >> I does seem that the digests plus Bayes are the best defense against >> these. Just a few minutes ago another arrived: >> >> Y 15 - >> BAYES_99,DCC_CHECK,DIGEST_MULTIPLE,HTML_90_100,HTML_MESSAGE,MIME_QP_LONG_LINE,RAZOR2_CF_RANGE_51_100,RAZOR2_CHECK,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL,RCVD_IN_XBL,URIBL_RHS_POST,URIBL_RHS_WHOIS > > >Where are those URIBL_RHS_* tests from? I see no mention of them on either SA >or URIBL sites. > >Pierre > Older versions of what I'm using are in Bugzilla #4104 - See:
http://issues.apache.org/SpamAssassin/attachment.cgi?id=2952&action=view for a large set of additional URI rules (many of the scores are far too high, and the SPEWS rules should be set to a score of 0.001 for most sites, though the meta-rules are quite safe). BTW. I do accept SPEWS listed emails every day, but I won't accept most mail from cable providers:) YMMV. Also, they show a lower than recommended (by URIBL) set of values for most of the URIBL lists. And, anyone with lots of traffic from domains with non-conforming country code TLDs may not want the 1/6 point I assign (still) to that. If you'd like I can send you or post a much larger group of "lower return" BLs also (e.g. the easyDNS maintained DNS operators' lists and a few other obscure, but sometimes helpful lists - not useful for a high traffic site - they don't FP much, but hit little in return for the DNS traffic overhead). Paul Shupak [EMAIL PROTECTED] P.S. There is the typo in the URIBL [red] rule in the web page above also (it prints [grey]).