Am 11.06.2016 um 23:26 schrieb Sidney Markowitz:
Reindl Harald wrote on 12/06/16 9:08 AM:and it's not worth to discuss since the *real* solution would be a "BAYES_NOTOKS" which would appear *everywhere* and clearly explain why no other BAYES_XX is presentI can't argue with that. Without the ability to make it a rule or a meta-rule that would only show if there are no BAYES_NN rules triggered, adding the tags to the report unconditionally would not be the same as a BAYES_NOTOK rule. As far as I can tell implementing BAYES_NOTOK would require a (small) change in the Bayes plugin. It could not be done in the configuration file or by writing a new rule. So you are right about that.
that's exactly the point
However, what you said about _SENDERDOMAIN_ and _AUTHORDOMAIN_ could be handled by adding a report line that contains those tags just before or just after the report _SUMMARY_ line in the configuration
headers don't help when you have a "spamd: result" log-line with a ton of rules or a new rule you are trying out appears when the message has no message-id since your only anchor is the mid=<> part of the logline from which you can grep the other relevant MTA lines and find out who was the sender, who was the rcpt and from where did that message arrive at all
keep in mind: you get all that headers only in your own mails, they are not helping you much as sysadmin for a lot of users where you try to find out if rules needs to be rescored in whatever direction
signature.asc
Description: OpenPGP digital signature