Bart Schaefer said: > Did you read the original article? He claims to be _more_ accurate than > SA while still doing header-content-only tests (not DNSbl). Of course, I > don't know whether that includes blocking IP ranges with a private list.
> Personally I use SA because it's "close enough" and I got tired of working > out all my own filter rules, but perhaps there's room for SA to focus more > on header patterns than it does so far -- possibly combined with skipping > the body checks entirely if the header clearly indicates spam. yep, that's what we've been aiming for recently. BTW I would imagine he shares the same kind of mail load as typical procmail hackers might ;) -- ie. not a lot of HTML newsletter false positives to worry about, that kind of thing. For that setup, it's quite easy (comparatively) to get good results; banning HTML-only (with no text/plain version) mails (CTYPE_JUST_HTML) will catch 46% of spam alone. Most of the FPs for that rule are newsletters and Hotmail-sent messages, in my experience. In recent versions we've been concentrating on avoiding FP's, including newsletters etc.; and we have a pretty big corpus of those... so I'd say if we tested with a less newsletter-heavy corpus we should be seeing a pretty high hit-rate. --j. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
