Uh, whoops. Apparently I deleted the body of the message before I sent it.
Sorry...
I was asking for help figuring out why messages like the one I attached
are getting through my SA setup. I'm using SA 3.2.1 with spamd, through
Postfix, on Linux.
This message scores as follows on my system:
2.0 FREEMAIL_FROM From-address is freemail domain
0.0 BOTNET_SERVERWORDS Hostname contains server-like substrings
[botnet_serverwords,ip=98.136.45.12,rdns=n65a.bullet.mail.sp1.yahoo.com]
-2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
[score: 0.0000]
It also hits on the Spamcop URIBL at the moment, but it didn't when I
first received it. That's a common theme now - message comes in and
doesn't appear in any blacklists. I test it sometime later and it does,
often scoring high enough then to be filtered. All these messages are
coming from freemail providers. I'd like to delay mail from them for an
hour or something, to give these messages time to get into the blacklists,
but I haven't figured out a way to do that yet.
I've been getting lots of these for the last 2-3 weeks. The freemail
filter wasn't enough to stop them, especially for the ones that score 0%
in bayes. Maybe it's time to wipe out my bayes DB and start over? Or is
there some other filter I should add? It's driving me crazy!
--
Owen B. Mehegan ([EMAIL PROTECTED])
>
