Just wondering if anyone is using ASN information and is so - what are
you doing?
--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400
On Sat, 05 Mar 2016 04:09:55 -, David B Funk
wrote:
On Fri, 4 Mar 2016, Alex wrote:
I have a legitimate mail that received 2.8 points, making it spam, as
a result of what appears to be a false positive with DOS_OUTLOOK_TO_MX
http://pastebin.com/dbm2Q4k6
There doesn't seem to be any des
On Fri, 4 Mar 2016, Alex wrote:
Hi,
I have a legitimate mail that received 2.8 points, making it spam, as
a result of what appears to be a false positive with DOS_OUTLOOK_TO_MX
http://pastebin.com/dbm2Q4k6
There doesn't seem to be any desktop system involved, just direct
communication with th
Hi,
I have a legitimate mail that received 2.8 points, making it spam, as
a result of what appears to be a false positive with DOS_OUTLOOK_TO_MX
http://pastebin.com/dbm2Q4k6
There doesn't seem to be any desktop system involved, just direct
communication with the sender's service provider. Is thi
On Fri, 4 Mar 2016, Alex wrote:
Hi,
Is there something that can be done to improve this rule?
ran body rule URI_OBFU_WWW ==> got hit: "www..facebook.com"
2.45 points, putting it over the edge in a number of messages where
the sender accidentally typed it wrong in their signature, is just
Hi,
Is there something that can be done to improve this rule?
ran body rule URI_OBFU_WWW ==> got hit: "www..facebook.com"
2.45 points, putting it over the edge in a number of messages where
the sender accidentally typed it wrong in their signature, is just too
much.
thanks,
alex
Am 04.03.2016 um 09:29 schrieb Matus UHLAR - fantomas:
it would at best end in the rule get such a low score that it is
the same as disable it entirely - so the only correct thing to do
is stop the foolish deep-header parsing
why?
because *then* it would no longer hit any relevant amount of h
it would at best end in the rule get such a low score that it is
the same as disable it entirely - so the only correct thing to do
is stop the foolish deep-header parsing
why?
because *then* it would no longer hit any relevant amount of ham
and QA corpus over time could score it higher in a safe
On 03.03.16 16:54, RW wrote:
>RCVD_NUMERIC_HELO is an independent deep check and overlaps heavily
>with either FSL_* rule.
On Thu, 3 Mar 2016 17:59:33 +0100
Matus UHLAR - fantomas wrote:
I wouldn't say so, at least on my system.
% zcat /var/log/mail*.gz | cat - /var/log/mail /var/log/mail.1 |
