On Sat, 2011-04-02 at 21:24 -0400, dar...@chaosreigns.com wrote:
> I'm curious what blacklists other people are currently using at their MTA,
> rejecting during delivery, before mail gets to spamassassin.
A binary, black-and-white perception. While under certain circumstances
really close to reality, it might yield FPs. But see below.
> zen.spamhaus.org:
>
> MSECS SPAM% HAM% S/O RANK SCORE NAME WHO/AGE
> 0 70.7263 0.0016 1.000 1.00 0.00 RCVD_IN_XBL
> 0 65.6389 0.1020 0.998 0.90 0.00 RCVD_IN_PBL
>
> How can those add up to more than 100% of spam? They're both checking
> lastexternal, for different values?
I am rather speechless...
Because they are two different blacklists. Because there is no guarantee
being on one prevents being listed on the other. And because these stats
are generated in a SCORING system.
Because there is overlap. Because there are SA rules, part of a scoring
system, NOT rejecting on sight. That is, why different DNS BL tests in
SA, different rules, actually *can* add up to more than 100%...
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
