LuKreme wrote: > On 15-May-2009, at 12:27, Jeremy Morton wrote: >> It's unwanted e-mail, so it's pretty close to spam in my book. Just >> because it's some moron who bounced a message instead of someone >> explicitly spamming me doesn't make it much better. > > But it is NOT spam, which means that you screwing up the scores for > BAYES based on these types of mail is simply screwing yourself.
Ooh, a can of worms! Yum. "Spam" is defined as a message that meets the following criteria: 1. Bulk message (including personalized auto-responders) 2. Unsolicited So the new business contact who got your address from a mutual friend sends you unsolicited mail, but it is not bulk and therefore not spam. This mailing list is bulk, but we all solicited it so it is not spam. Backscatter from misdirected bounces is bulk AND unsolicited. That means it is spam. http://spamcop.net/fom-serve/cache/329.html http://en.wikipedia.org/wiki/Backscatter_spam http://www.backscatterer.org/ The best 'solution' is to report it to SpamCop (not KnujOn as they deal with spamvertised web sites' registrars rather than mail relays). SpamCop will contact the appropriate authorities and tell them that these servers are misconfigured. How we should treat backscatter in Bayes is another issue. One must recall that Bayes is REALLY REALLY smart. I've found that it actually does the right thing after training backscatter as spam and legit bounces as ham. Sure enough, backscatter gets marked as >50% and legit bounces get marked as <50%. It certainly helps that I've configured internal_networks, bumped ALL_TRUSTED, and I use vBounce correctly. I think I've posted this before, but: score ANY_BOUNCE_MESSAGE 0.1 0.1 0.3 0.3 # def: 0.1 score BOUNCE_MESSAGE 0.4 0.5 0.9 1.0 # def: 0.1 score VBOUNCE_MESSAGE 0.4 0.5 0.9 1.0 # def: 0.1 header __VACATION Subject =~ /\b(?:vacatio|away|out.of.offic|auto.?re|confirm)/i # https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6008 header __BUGZILLA_DAEMON From =~ /bugzilla/i meta KHOP_BACKSCATTER !ALL_TRUSTED && !DKIM_VERIFIED && !__VACATION && !__BUGZILLA_DAEMON && (BOUNCE_MESSAGE||VBOUNCE_MESSAGE) describe KHOP_BACKSCATTER Misdirected bounce to a forged sender address score KHOP_BACKSCATTER 6.9 I reject at 8.0 and mark at 5.0, so this pretty much kills all of my company's backscatter. Anything that's DKIM_VERIFIED should have admins responsive to SpamCop's spam reports.