On 12/15/2009 9:31 AM, The Doctor wrote: > On Tue, Dec 15, 2009 at 12:55:00PM +0530, Rajkumar S wrote: >> Occasionally I receive mail from compromised web mails asking user >> name and password from my users. The source IPs are usually clean (as >> they are legitimate mail servers) and do not catch any ip based rules.
Do you use Bayes? Bogofilter (another bayesian filter) catches those here. The one you posted scored 0.94 here and would have been dropped.
