From: "Kenneth Porter" <[EMAIL PROTECTED]>

On Friday, September 15, 2006 4:38 PM -0400 Theo Van Dinter <[EMAIL PROTECTED]> wrote:

Without seeing the rules that hit it's hard to tell you what's up.

Sorry about that. I'd pasted them into the linked forum thread so the forum operator could see the hits.

Content analysis details:   (8.0 points, 5.0 required)
pts rule name              description
---- ---------------------- --------------------------------------------------
0.6 NO_REAL_NAME           From: does not include a real name
0.0 T__EXTERNAL_IP         Received contains address not from our net
3.4 HELO_DYNAMIC_IPADDR    Relay HELO'd using suspicious hostname (IP addr
                           1)
0.8 INFO_TLD               URI: Contains an URL in the INFO top-level domain
3.2 URI_NO_WWW_INFO_CGI    URI: CGI in .info TLD other than third-level
                           "www"


Which may be a bit much for an URL in the info TLD, but ...

I noticed the values go up another couple of points when Bayes and network tests are used, which is what pushed this over my reject limit of 10.0:

Content analysis details:   (-89.7 points, 5.0 required)

pts rule name              description
---- ---------------------- --------------------------------------------------
1.0 NO_REAL_NAME           From: does not include a real name
4.2 HELO_DYNAMIC_IPADDR    Relay HELO'd using suspicious hostname (IP addr
                           1)
-100 USER_IN_WHITELIST      From: address is in the user's white-list
1.3 INFO_TLD               URI: Contains an URL in the INFO top-level domain
4.1 URI_NO_WWW_INFO_CGI    URI: CGI in .info TLD other than third-level
                           "www"
-0.2 BAYES_40               BODY: Bayesian spam probability is 20 to 40%
                           [score: 0.3237]

(This is after I white-listed the domain in local.cf.)

I'd use whitelist_from_rcvd or one of the other whitelist variants if
at all possible.

{^_^}
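
As an added example (not part of the thread and not SpamAssassin's own code): a small Python parser for the report format quoted above, which shows what the message scores once the masking USER_IN_WHITELIST hit is left out. The function names are hypothetical, and the sample input is the second report from the thread.

```python
import re

# Sample input: the second report from the thread. One row (INFO_TLD) has its
# column spacing collapsed, which the parser tolerates.
REPORT = """\
Content analysis details:   (-89.7 points, 5.0 required)

pts rule name              description
---- ---------------------- --------------------------------------------------
1.0 NO_REAL_NAME           From: does not include a real name
4.2 HELO_DYNAMIC_IPADDR    Relay HELO'd using suspicious hostname (IP addr
                           1)
-100 USER_IN_WHITELIST      From: address is in the user's white-list
1.3 INFO_TLD URI: Contains an URL in the INFO top-level domain
4.1 URI_NO_WWW_INFO_CGI    URI: CGI in .info TLD other than third-level
                           "www"
-0.2 BAYES_40               BODY: Bayesian spam probability is 20 to 40%
                           [score: 0.3237]
"""

HEADER = re.compile(r"\((-?\d+(?:\.\d+)?) points, (-?\d+(?:\.\d+)?) required\)")
# A rule row is a score followed by an upper-case rule name. Wrapped
# description lines ('1)', '"www"', '[score: ...]') do not match and are skipped.
ROW = re.compile(r"^\s*(-?\d+(?:\.\d+)?)\s+([A-Z][A-Z0-9_]*)\b")

def parse_report(text):
    """Return (total, required, {rule: score}) from a SpamAssassin report."""
    m = HEADER.search(text)
    if not m:
        raise ValueError("no 'Content analysis details' header found")
    rules = {}
    for line in text.splitlines():
        row = ROW.match(line)
        if row:
            rules[row.group(2)] = float(row.group(1))
    return float(m.group(1)), float(m.group(2)), rules

def score_without(rules, masked=("USER_IN_WHITELIST",)):
    """Sum the per-rule scores, leaving out rules that mask the real total."""
    return round(sum(s for name, s in rules.items() if name not in masked), 1)

if __name__ == "__main__":
    total, required, rules = parse_report(REPORT)
    print(f"reported {total}, without whitelist {score_without(rules)}")
```

The rows are rounded for display, so their sum can differ from the header total by about 0.1; here the rows add up to -89.6 against a reported -89.7.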
