Matt,
Thank you for your reply. To everybody else who got on this topic and
helped Robert :-)))
Does the score
score ALL_TRUSTED -1.360
work only with
trusted_networks <IP_addresses>
?
As I mentioned I had the problem with AWL and turned it off. I now tend to
enable it, but am afraid it has old scores in it.
- Is there any way to display what it has?
- Do you think I should zero out everything in AWL and start from scratch?
How do I do that?
Thank you for the help. I appreciate it very much.
Irina
======================
----- Original Message -----
From: "Matt Kettler" <[EMAIL PROTECTED]>
To: "Irina" <[EMAIL PROTECTED]>
Cc: <[email protected]>
Sent: Thursday, January 12, 2006 11:35 AM
Subject: Re: AWL and trusted_networks
> Irina wrote:
> > Hello all,
> >
> > We getting much more spam lately than used to. I am looking at SA and
> > seeing few things that either don't work properly or have not been set
up
> > (my fault I have to admit). I will start from a simple question.
> >
> > At some point we had a problem with AWL giving a positive score to our
users
> > forcing messages to be marked as spam. I disabled it. Later on I
enabled
> > trusted_networks which works ok (it give a minus score when I am sending
a
> > message).
> >
> > Here is my question. If trusted_networks are set right, will it ever
> > give/add a positive score to AWL?
>
> Yes, it will give positive scores sometimes. But those scores shouldn't be
> significant.
>
> Please read:
> http://wiki.apache.org/spamassassin/AwlWrongWay
>
>
> Basically, adding positive scores to nonspam and negative scores to spam
is
> normal for the AWL. It's only a problem when things get pushed too far one
way
> or another.(as you saw)
>
> A poorly defined trusted_networks can cause the AWL to not be able to tell
the
> difference between someone actually sending mail and someone else spoofing
them.
> That can cause errant AWL learning of spoofed spam/viruses/etc as being
sent by
> the real person.
>
> I suspect that you might have had this happen at your site, and setting
> trusted_networks correctly should prevent that from re-occurring.
>
