Training SA instead of debugging is much easier sometime, I did give up with errors and do my own workarounds; I made _spam and _ham dirs in SA dir and fill them with spam or ham messages when I find a few, then fire the script:
@REM Train Spamassassin c: cd \NET\SpamAssassinWin32-EX @REM Learn spam sa-learn.exe --spam _spam del _spam\*.* /q @REM Learn ham sa-learn.exe --ham _ham @REM Resend false positives copy _ham\*.* C:\inetpub\mailroot\Pickup del _ham\*.* /q @pause Now I got the best statistics... On Fri, Aug 20, 2010 at 9:44 PM, John Hardin <jhar...@impsec.org> wrote: > On Fri, 20 Aug 2010, Karsten Bräckelmann wrote: > > On Fri, 2010-08-20 at 17:47 +0200, Karsten Bräckelmann wrote: >> >>> On Fri, 2010-08-20 at 17:12 +0200, Jan P. Kessler wrote: >>> >>>> false-positives hitting on the rules JM_SOUGHT_1 and JM_SOUGHT_2. >>>> Unfortunaley I can not give examples as these messages contain confidental >>>> customer data (assurance company). We had more than 100 false-positives >>>> with >>>> these rules in the last 2 days. >>> >>>