On Mon, 24 Sep 2007, feral wrote: > Here are the headers & bodies of 3 of the spams that got through > (and are continuing to come through at a high rate):
> tests=BAYES_00,HELO_DYNAMIC_IPADDR2 > autolearn=no version=3.1.9 > tests=BAYES_00,HELO_DYNAMIC_IPADDR2, > HELO_DYNAMIC_SPLIT_IP autolearn=no version=3.1.9 > X-Spam-Status: No, score=-0.6 required=4.0 tests=BAYES_00,HOT_NASTY,PORN_16 > autolearn=no version=3.1.9 Observations: (1) Hardly any rules are hitting. (2) Everything is getting BAYES_00. The very first thing to look at is your Bayes database. How are you training it, and how has it gotten so badly mistrained? Are you using a Bayes database that is global to all your clients, or per-user Bayes databases? How are you training? Is the user actually responsible training, and the problem is basically their own fault? Can you run "sa-learn --dump magic" and send us the output? As Dave said, do you have network tests disabled? -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- Pelley: Will you pledge not to test a nuclear weapon? Ahmadeinejad: CIA! Secret prison in Europe! Abu Ghraib! -- Teflon Mahmoud in a 60 Minutes interview (9/20/2007) ----------------------------------------------------------------------- 244 days until the Mars Phoenix lander arrives at Mars
