> I want to use combo filtering with testsfailed to further 
> punish emails that fail two or more of the reliable tests.

Travis,

I have been doing a similar thing for a long time now and I'm very happy with the
following solution:

1.) create a new filter test COMBO-IP4R:
COMBO-IP4R filter C:\IMail\Declude\combo_ip4r.txt x 0 0

2.) In this file write all your reliable IP4R-Tests. For example
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TESTSFAILED     0       CONTAINS        CBL
TESTSFAILED     0       CONTAINS        DSBL
TESTSFAILED     0       CONTAINS        SPAMCOP
TESTSFAILED     0       CONTAINS        XBL-DYNA
...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3.) Now you can create additional COMBO-Test files. For example
COMBO-IP4R-SNIFFER filter C:\IMail\Declude\combo_ip4r_sniffer.txt x 0 0

4.) In this file write the points you want to add if one of the IP4R tests
has failed at the same time with SNIFFER

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TESTSFAILED END NOTCONTAINS COMBO-IP4R

TESTSFAILED 30 CONTAINS SNIFFER-TRAVEL
TESTSFAILED 30 CONTAINS SNIFFER-INSUR
TESTSFAILED 30 CONTAINS SNIFFER-AV
TESTSFAILED 30 CONTAINS SNIFFER-MEDIA
TESTSFAILED 30 CONTAINS SNIFFER-SWARE
TESTSFAILED 30 CONTAINS SNIFFER-SNAKE
TESTSFAILED 30 CONTAINS SNIFFER-SCAMS
TESTSFAILED 30 CONTAINS SNIFFER-PORN
TESTSFAILED 30 CONTAINS SNIFFER-MALWARE
TESTSFAILED 30 CONTAINS SNIFFER-INK
TESTSFAILED 10 CONTAINS SNIFFER-RICH
TESTSFAILED 30 CONTAINS SNIFFER-CREDIT
TESTSFAILED 30 CONTAINS SNIFFER-CASINO
TESTSFAILED 30 CONTAINS SNIFFER-OBFUSC
TESTSFAILED 30 CONTAINS SNIFFER-GENERAL
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

As you can see you can also assign different additional points for different
SNIFFER result codes if you've split up SNIFFER in multiple tests for each
result code.

Some additional things you can do

For example write at the top of the file 2.) something like

COUNTRY END STARTSWITH  us

and there will be no additional points for messages originating from the
USA. (Maybe this will not make as much sense as in my case, where most legit
messages came from Italy, Austria and Germany.)

So I've also lowered the weight of all IP4R-tests in my global.cfg file to a
very low weight and have set up an additional filter file having at the top
some END-statements for certain countries. Then below are the same
TESTSFAILED-lines as in the file 4.) So I can assign relatively high weights to
IP4R-tests for messages coming from "foreign" countries and lower weights
for all messages coming from Italy and neighbors.

Tests I've found very usable for COMBO-tests are

CMDSPACE
SNIFFER
INVURIBL
SPAMDOMAINS

Hope this helps
Markus

---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail".  The archives can be found
at http://www.mail-archive.com.
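
The chaining described in steps 1.) to 4.) above, as an added example that is not part of Markus's message and is not Declude code: a small Python model of how the two filter files interact. The evaluation rules in the comments, the function names and the shortened file contents are assumptions made for illustration.

```python
# Constructed model of the filter files in the message above.
# Assumptions (not from Declude documentation): lines run top to bottom, a
# matching END line stops the file, every other matching line adds its weight,
# matching is case-insensitive, and a filter "fails" once any line matched.
COMBO_IP4R = """\
TESTSFAILED 0 CONTAINS CBL
TESTSFAILED 0 CONTAINS DSBL
TESTSFAILED 0 CONTAINS SPAMCOP
TESTSFAILED 0 CONTAINS XBL-DYNA
"""
COMBO_IP4R_SNIFFER = """\
TESTSFAILED END NOTCONTAINS COMBO-IP4R
TESTSFAILED 30 CONTAINS SNIFFER-PORN
TESTSFAILED 10 CONTAINS SNIFFER-RICH
"""
# CONTAINS is modelled as a plain substring match, so a test whose name
# embeds another name would match as well.
OPS = {
    "CONTAINS": lambda hay, needle: needle in hay,
    "NOTCONTAINS": lambda hay, needle: needle not in hay,
    "STARTSWITH": lambda hay, needle: hay.startswith(needle),
}

def run_filter(text, variables):
    """Return (matched, weight) for one filter file against message variables."""
    matched, weight = False, 0
    for line in text.splitlines():
        parts = line.split(None, 3)
        if len(parts) != 4:
            continue  # blank or malformed line
        var, action, op, value = parts
        hit = OPS[op.upper()](variables.get(var.upper(), "").upper(), value.upper())
        if not hit:
            continue
        if action.upper() == "END":
            break  # stop processing this file, keep what was scored so far
        matched = True
        weight += int(action)
    return matched, weight

def score(failed, country="", ip4r_file=COMBO_IP4R):
    """Run COMBO-IP4R first, then the SNIFFER combo; return the extra points."""
    env = {"TESTSFAILED": " ".join(failed), "COUNTRY": country}
    if run_filter(ip4r_file, env)[0]:
        env["TESTSFAILED"] += " COMBO-IP4R"  # later filters can now see it
    return run_filter(COMBO_IP4R_SNIFFER, env)[1]

if __name__ == "__main__":
    print(score(["CBL", "SNIFFER-PORN"]))  # IP4R hit plus SNIFFER hit
```

In this model the combo file only scores when COMBO-IP4R already appears in TESTSFAILED, so the order in which the filters run matters.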
