The last one is the lowest scoring here, look at the results:
For the first mail:
Content analysis details: (13.2 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
0.1 FORGED_RCVD_HELO Received: contains a forged HELO
0.0 DK_POLICY_SIGNSOME Domain Keys: policy says domain signs some mails
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
[score: 0.5751]
2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP
address
[88.155.128.48 listed in dnsbl.sorbs.net]
3.9 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[88.155.128.48 listed in zen.spamhaus.org]
7.0 BOUNCE_MESSAGE MTA bounce message
0.1 ANY_BOUNCE_MESSAGE Message is some kind of bounce message
The second one:
Content analysis details: (14.2 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
0.0 DK_POLICY_SIGNSOME Domain Keys: policy says domain signs some mails
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 DC_IMG_TEXT_RATIO BODY: Low body to pixel area ratio
0.5 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area
0.0 HTML_MESSAGE BODY: HTML included in message
3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
[score: 1.0000]
0.5 HTML_IMAGE_ONLY_16 BODY: HTML: images with 1200-1600 bytes of words
0.6 SARE_SPEC_LEO_LINE03e RAW: common Leo body text
1.0 DC_IMG_HTML_RATIO RAW: Low rawbody to pixel area ratio
7.0 BOUNCE_MESSAGE MTA bounce message
0.1 ANY_BOUNCE_MESSAGE Message is some kind of bounce message
The third one:
Content analysis details: (14.1 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
0.1 FORGED_RCVD_HELO Received: contains a forged HELO
0.0 DK_POLICY_SIGNSOME Domain Keys: policy says domain signs some mails
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
[score: 0.5442]
3.9 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[84.2.4.148 listed in zen.spamhaus.org]
3.0 BOTNET BOTNET
7.0 BOUNCE_MESSAGE MTA bounce message
0.1 ANY_BOUNCE_MESSAGE Message is some kind of bounce message
And finaly, the low one:
Content analysis details: (5.8 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
0.0 DK_POLICY_SIGNSOME Domain Keys: policy says domain signs some mails
0.3 RCVD_ILLEGAL_IP Received: contains illegal IP address
3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
[score: 1.0000]
2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP
address
[12.162.173.226 listed in dnsbl.sorbs.net]
I give the BOUNCE_MESSAGE a high score because the bonce backs were driving
me (and my users) mad. So I just throw them away. I know it's not very
RFC-something style, but works like a charm ;-)
Luix
2007/4/10, Spamassassin List <[EMAIL PROTECTED]>:
> http://hege.li/howto/spam/spamassassin.html
Remove everything from Botnet.cf RULES-section and set it up this way:
Does the above line mean to remove from the # THE RULES?
regards
--
-------------------------------------------------
GNU-GPL: "May The Source Be With You...
-------------------------------------------------
