Am 24.04.2015 um 16:35 schrieb Matus UHLAR - fantomas:
Am 24.04.2015 um 16:11 schrieb Matus UHLAR - fantomas:SA setup will detect such domains and will score mail positively. Is there something other to explain?On 24.04.15 16:16, Reindl Harald wrote:i don't really and everybody who pretends the opposite should be quiet in the future when it comes to highly false positive prone rules with scores of 1.5 or even higherHave you lowered _all_ scores to be below 1.5? like BAYES_99 or DEAR_FRIEND ? There's plenty of them:
it talk about rules hit *a single* spam message which would have been caught by other rules too and on the other side a lot of ham mails like RCVD_ILLEGAL_IP where people always argue "1.5 points is not a FP"
grep -hr '^score' /var/lib/spamassassin/3.003002/updates_spamassassin_org | egrep -c '(1[5-9]|[2-9]|[1-9]0)\.' 288 Have you already implemented the SPF_PASS_PLUSALL to see how much of false positives it gives? BTW, default proposed score for SPF_PASS_PLUSALL was 0.001 so what exactly are you complaining about?
WTF read the thread and context - i just statet "I wonder how long until spammers use: v=spf1 ip4:0.0.0.0/1 ip4:128.0.0.0/1 -all" makes no sense for spammers, not more and not less
signature.asc
Description: OpenPGP digital signature
