On 04/03, Karsten Bräckelmann wrote: > A binary, black-and-white perception. While under certain circumstances > really close to reality, it might yield FPs. But see below.
Yup. > > 0 70.7263 0.0016 1.000 1.00 0.00 RCVD_IN_XBL > > 0 65.6389 0.1020 0.998 0.90 0.00 RCVD_IN_PBL > > > > How can those add up to more than 100% of spam? They're both checking > > lastexternal, for different values? > > I am rather speechless... > > Because they are two different blacklists. Because there is no guarantee > being on one prevents being listed on the other. And because these stats > are generated in a SCORING system. Yeah but they're in the same DNS zone, zen.spamhaus.org, and although I recognize you can have multiple "A" records for the same name, it looks like queries to this zone only return one answer per lookup. Or does it sometimes return multiple "A" records for one query, and I'm just not finding those examples? I thought maybe it was because these tests are run on all untrusted relays, not just the last. Which seems like a waste. But I have spams with only one hop before delivering to my server that hit both of them. -- "We will be dead soon. Is this how we want to live?" http://www.ChaosReigns.com
